Costas K costasko
costasko
/ GuardDuty-DNS-DropPoint.json
Created
June 21, 2022 09:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Findings": [ | |
| { | |
| "AccountId": "123456789012", | |
| "Arn": "arn:aws:guardduty:eu-west-1:123456789012:detector/60c0c2ceb4979145c04e0c3aeff92e63/finding/e4c0c2ced9a702278fda8239b173d802", | |
| "CreatedAt": "2022-06-21T09:35:13.742Z", | |
| "Description": "EC2 instance i-99999999 is querying a domain name of a remote host that is known to hold credentials and other stolen data captured by malware.", | |
| "Id": "e4c0c2ced9a702278fda8239b173d802", | |
| "Partition": "aws", | |
| "Region": "eu-west-1", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ssh -R 65022:localhost:22 core@localhost -t -i ~/.ssh/podman-machine-default -p 57587 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "mkdir -p /var/home/core/hmount/ && sshfs $USER@localhost:/Users/$USER /var/home/core/hmount/ -p 65022" |