Skip to content

Instantly share code, notes, and snippets.

View acheremisov's full-sized avatar

Andrew acheremisov

3 followers · 0 following
  • Toronto, Canada
View GitHub Profile
@acheremisov
acheremisov / AWS-services-2023-06-16
Created June 16, 2023 16:42
Full list of AWS services with description
Service: Access Analyzer
Desc:
<p>Identity and Access Management Access Analyzer helps identify potential resource-access risks by enabling you to identify any policies that grant access to an external principal. It does this by using logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An external principal can be another Amazon Web Services account, a root user, an IAM user or role, a federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to preview and validate public and cross-account access to your resources before deploying permissions changes. This guide describes the Identity and Access Management Access Analyzer operations that you can call programmatically. For general information about IAM Access Analyzer, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html">Identity and Access Management Access Analyzer</a> in the <b>IAM User Guide</b>.</p> <p>To start using IAM A
@acheremisov
acheremisov / .gitignore
Last active November 2, 2023 09:59
.gitignore example for Terraform
# Local .terraform directories
**/.terraform/*
# .tfstate files
*.tfstate
*.tfstate.*
# Crash log files
crash.log
@acheremisov
acheremisov / Pi-hole Regex
Created April 10, 2020 22:33
^(.+[_.-])?ad[sxv]?[0-9]*[_.-]
^(.+[_.-])?adse?rv(er?|ice)?s?[0-9]*[_.-]
^(.+[_.-])?telemetry[_.-]
^(www[0-9]*\.)?xn--
^adim(age|g)s?[0-9]*[_.-]
^adtrack(er|ing)?[0-9]*[_.-]
^advert(s|is(ing|ements?))?[0-9]*[_.-]
^aff(iliat(es?|ion))?[_.-]
^analytics?[_.-]
^banners?[_.-]
@acheremisov
acheremisov / blogCyberSec_asaHardening.txt
Created January 26, 2020 17:30
Cisco ASA Hardening Best Practices
! Set hostname, domain-name and enable pass.
hostname ACME-ASA5545
domain-name ACME.COM
enable password $sha512$5000$0VRh3f2no2Na/HtZXqIc9g==$5ua3NRhS4AFbjCDQGbU9Aw== pbkdf2
! Configure login and ASDM banners
! Login banner should not contain any specific information about the device name, model, software, or ownership because this information can be used by hackers.
banner login =========================================================================
banner login THIS IS A ACME CORPORATION COMPUTER SYSTEM. THIS COMPUTER
@acheremisov
acheremisov / gist:b74fec9f6f8c614abf34ccf4d1cf47db
Created January 29, 2019 16:44 — forked from saetia/gist:1623487
Clean Install – OS X 10.11 El Capitan

OS X Preferences

most of these require logout/restart to take effect

# Enable character repeat on keydown
defaults write -g ApplePressAndHoldEnabled -bool false

# Set a shorter Delay until key repeat
@acheremisov
acheremisov / gist:7c0290a09bd63e4169e976f7ed559dfc
Last active April 10, 2018 18:21
ASA Best Practices
! Set hostname, domain-name and enable pass.
hostname ACME-ASA5545
domain-name ACME.COM
enable password $sha512$5000$0VRh3f2no2Na/HtZXqIc9g==$5ua3NRhS4AFbjCDQGbU9Aw== pbkdf2
! Configure login and ASDM banners
! Login banner should not contain any specific information about the device name, model, software, or ownership because this information can be used by hackers.
banner login =========================================================================
banner login THIS IS A ACME CORPORATION COMPUTER SYSTEM. THIS COMPUTER