felickz

#this is intentionally leaking secrets
[default]
aws_access_key_id = AKIA2UC3BSXMI4LG74EJ
aws_secret_access_key = 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
output = json
region = us-east-2

felickz

To conditionally run the GHAzDO tasks in a pipeline:

Use the following steps:

steps:
- bash: az devops configure --defaults organization='$(System.TeamFoundationCollectionUri)' project='$(System.TeamProject)' --use-git-aliases true
  displayName: 'Set default Azure DevOps organization and project'

felickz

CodeQL Nightly Builds

CodeQL bundle pre-release from: https://github.com/dsp-testing/codeql-cli-nightlies/releases

• GHAzDO
  • Script below depends on a PR to the GHAzDO-Resources project to enhance the install scripts to support the nightlies build: PR#45
    • Windows only currently
    • Pulls latest nightly release
• GHAS
• pinned to the specified release ( Nightlies are kept for ~ 3 months and then will fail as artifacts no longer available )

felickz

codeql-synthetics.yml

This file is intended to be used for analyzing synthetic code samples. This configuration uses all possible queries from the CodeQL built in packs along with additional OSS queries and data extensions. It includes more queries than the standard security-experimental suite, providing a more thorough analysis at the cost of longer analysis times and potential false positives. It includes:

• threat-models: local
• queries marked as @precision: low or missing a precision
• queries marked as @problem.severity: recommendation
• queries in \experimental\ folders

- pwsh: |
      Invoke-WebRequest -Uri "https://raw.githubusercontent.com/GitHubSecurityLab/CodeQL-Community-Packs/main/configs/synthetics.yml" -OutFile "$(Agent.TempDirectory)/synthetics.yml"

felickz

Runs this PS script: https://github.com/felickz/scripts/blob/main/pwsh/Count-SecretScanningPatterns.ps1

felickz

javascript:window.location.href=window.location.href+'?query=license%3AGPL-2.0+license%3AGPL-3.0+license%3ALGPL-2.0+license%3ALGPL-3.0+license%3AAGPL-1.0+license%3AAGPL-1.0-only+license%3AAGPL-1.0-or-later+license%3AAGPL-3.0+license%3AAGPL-3.0-only+license%3AAGPL-3.0-or-later+license%3ARPL-1.1+license%3ARPL-1.5+license%3ARPSL-1.0+license%3AOCLC-2.0+license%3ANGPL+license%3AODbL-1.0+license%3AMS-RL+license%3AOSL-1.0+license%3AOSL-1.1+license%3AOSL-2.0+license%3AOSL-2.1+license%3AOSL-3.0+license%3AMPL-2.0+license%3AMPL-1.0+license%3AMPL-1.1+license%3AMPL-2.0-no-copyleft-exception+license%3AEPL-1.0+license%3AEPL-2.0%27;

felickz

1..10 | %{ $_ % 2 -eq 0 ? $null  : (Write-Host "$_") }

felickz

\.NET CLR Exceptions(w3wp)\# of Exceps Thrown
\.NET CLR Exceptions(w3wp)\# of Exceps Thrown / sec
\.NET CLR Exceptions(w3wp)\# of Filters / sec
\.NET CLR Exceptions(w3wp)\# of Finallys / sec
\.NET CLR Exceptions(w3wp)\Throw To Catch Depth / sec
\.NET CLR LocksAndThreads(w3wp)\# of current logical Threads
\.NET CLR LocksAndThreads(w3wp)\# of current physical Threads
\.NET CLR LocksAndThreads(w3wp)\# of current recognized threads
\.NET CLR LocksAndThreads(w3wp)\# of total recognized threads
\.NET CLR LocksAndThreads(w3wp)\Contention Rate / sec

felickz

$symbols = '!@#$%^&*'.ToCharArray()
$characterList = 'a'..'z' + 'A'..'Z' + '0'..'9' + $symbols
function GeneratePassword {
    param(
        [Parameter(Mandatory = $false)]
        [ValidateRange(12, 256)]
        [int] 
        $length = 14
    )
    

felickz

 $breakTimeMin = 10; 0..($breakTimeMin-1)|%{ Write-Progress -Activity "<Conference Name Goes Here>" -Status "next session begins in: $($breakTimeMin - $_) minutes" -PercentComplete ($_ / $breakTimeMin * 100); sleep 60; }