| Qualification | CISM | CISSP | GSLC |
|---|---|---|---|
| IRAP (Category A) | X | X | X |
| PCI QSA (List A) | X | X | X |
| Qualification | CISA | GSNA | ISO Lead 27001 Auditor |
|---|---|---|---|
| IRAP (Category B) | X | X | X |
| PCI QSA (List B) | X | X | X |
Christian Heinrich cmlh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Penetration Tester Name/Organization | |
| Report Question|Yes/No|Page | |
| ------------------|--------|---- | |
| Contact information|Y|1 | |
| Credentials/qualifications of analysts|N|1 | |
| Is there sufficient evidence that the individuals are organizationally independent from the management of the environment being tested?|Y|1 | |
| Dates the engagement was performed|N|1 | |
| Date the report was issued|Y|1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://edoverflow.com/2022/swiss-security-txt/ |
cmlh
/ ip2cidr.py
Created
March 15, 2022 03:33
https://www.unix.com/shell-programming-and-scripting/233825-convert-ip-ranges-cidr-netblocks.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| """ | |
| Usage: ip2cidr.py input_file | |
| """ | |
| import sys, re, netaddr | |
| def sanitize (ip): | |
| seg = ip.split('.') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN PGP PUBLIC KEY BLOCK----- | |
| Version: SKS 1.1.6 | |
| Comment: Hostname: pgp.mit.edu | |
| mQINBFUuIQEBEAC45wWgx/ZcOiAUA9zan9ynH2hYHRvYOJUYgj4YBXKHzp7zEHwFllslSlzW | |
| P6wpzkgDLyAdzNotLTB7KRDvYUj2UAYrlg9Pn4RM1zCSA4NGCqQeRYVdaWgp4I4BpqlJlU53 | |
| iEDosr+pLjUk6wjdWRN+RbvjJEP/72rKRDw9rAH2/Gu3VbOaWm+bq25t+O5PQB/ygsZCSQ2t | |
| 3hMsiMHdX+bYq8/pmBDSWQTchIptSjcNVp0SaVpovpaRnh2smC4ebxFMaOS2SxCFUVtWNmR6 | |
| KjYSTtMf8Y5wD6msnD50qeknWQA+afi2FdC4iOkexmqV2U39TDdiqsqBqu5yJ7CTrsGrpzh9 | |
| F8oBAQCyHMbhbHwHyrPBzPMqNfSMuGsw+cPuhLojeqTj92KDsLO6CToE7r/80Ih2Trhwy9C6 |
cmlh
/ 20_Jan_2022.md
Last active
January 19, 2022 23:49
Correlation of IRAP and PCI QSA Qualifications
cmlh
/ DirBuster-proxy.sh
Created
October 30, 2011 08:25
Simple shell script to replay URL(s) discovered by DirBuster over a local web proxy based on http://pauldotcom.com/2011/08/dirbuster-to-burp-the-missing.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Simple shell script to replay URL(s) discovered by DirBuster over a local web proxy i.e. Burp Proxy, etc on TCP/8080 | |
| # | |
| # Based on http://pauldotcom.com/2011/08/dirbuster-to-burp-the-missing.html | |
| # REPOSITORY | |
| # https://gist.github.com/1325706 | |
| # git://gist.github.com/1325706.git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2018-0296 | |
| AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd | |
| Diff is Scope CVSSv3 Base Vector | |
| CVSSv3 Base Score calculated higher by vendor (Cisco) at 8.6 than independent authority (NIST) at 7.5 | |
| Both CVSSv3 Base Scores are within the HIGH range (7.0-8.9) |
cmlh
/ getFBProfilePhoto.py
Created
April 19, 2018 06:09
— forked from glennzw/getFBProfilePhoto.py
Hack to allow us to load icon images in Maltego by following the redirect and serving up the actual image.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/env/python | |
| # -*- coding: utf-8 -*- | |
| # Hack to allow us to load icon images in Maltego by following | |
| # the redirect and serving up the actual image. | |
| from flask import Flask, send_file | |
| import requests | |
| app = Flask(__name__) | |
| @app.route('/fb/pic/<id>') |
cmlh
/ HTTPie_Commands_for_VirusTotal_API_v2.0.txt
Created
January 10, 2017 03:53
HTTPie Commands for VirusTotal API v2.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| These https://httpie.org/ commands are applicable to both [Public and Private] API of VirusTotal. However, only the &allinfo=1 parameter is applicable to the VirusTotal Private API v2. | |
| File Report | |
| http "https://www.virustotal.com/vtapi/v2/file/report?apikey=-YOUR API KEY HERE-&resource=7657fcb7d772448a6d8504e4b20168b8" | |
| URL Report | |
| http POST "https://www.virustotal.com/vtapi/v2/url/report?apikey=-YOUR API KEY HERE-&resource=http://www.virustotal.com?scan=1&allinfo=1" | |
| IP Address Report | |
| http "https://www.virustotal.com/vtapi/v2/ip-address/report?apikey=-YOUR API KEY HERE-&ip=90.156.201.27" |
cmlh
/ Using_Libwhisker-Example_1.pl
Created
August 25, 2013 23:22
Mirrored from http://www.symantec.com/connect/articles/using-libwhisker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use LW2; | |
| %request = (); | |
| %response = (); | |
| LW2::http_init_request(\%request); | |
| $request{'whisker'}->{'host'} = "www.victim.com"; |
NewerOlder