Chad Bentz felickz
@felickz
felickz / .aws
Created October 30, 2024 14:52
Intentional Secret Leak of Canary tokens
#this is intentionally leaking secrets
[default]
aws_access_key_id = AKIA2UC3BSXMI4LG74EJ
aws_secret_access_key = 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
output = json
region = us-east-2
@felickz
felickz / ghazdo-conditional-task.md
Last active April 17, 2024 08:37
GHAzDO conditionally run tasks based on enablement

To conditionally run the GHAzDO tasks in a pipeline:

Use the following steps:

steps:
- bash: az devops configure --defaults organization='$(System.TeamFoundationCollectionUri)' project='$(System.TeamProject)' --use-git-aliases true
  displayName: 'Set default Azure DevOps organization and project'
@felickz
felickz / !Nightlies.md
Last active October 1, 2024 22:05
CodeQL Nightlies

CodeQL Nightly Builds

CodeQL bundle pre-release from: https://github.com/dsp-testing/codeql-cli-nightlies/releases

  • GHAzDO
    • Script below depends on a PR to the GHAzDO-Resources project to enhance the install scripts to support the nightlies build: PR#45
      • Windows only currently
      • Pulls latest nightly release
  • GHAS
    • Pinned to the specified release (nightlies are kept for ~3 months, after which runs fail because the artifacts are no longer available)
@felickz
felickz / ghazdo-codeql-synthetic.md
Last active October 29, 2024 20:51
GHAzDO CodeQL custom configuration for security scan of synthetic applications

This file is intended for analyzing synthetic code samples. The configuration uses all possible queries from the CodeQL built-in packs, along with additional OSS queries and data extensions. It includes more queries than the standard security-experimental suite, providing a more thorough analysis at the cost of longer analysis times and potential false positives. It includes:

  • threat-models: local
  • queries marked as @precision: low or missing a precision
  • queries marked as @problem.severity: recommendation
  • queries in \experimental\ folders
- pwsh: |
      Invoke-WebRequest -Uri "https://raw.githubusercontent.com/GitHubSecurityLab/CodeQL-Community-Packs/main/configs/synthetics.yml" -OutFile "$(Agent.TempDirectory)/synthetics.yml"
@felickz
felickz / GitHubDependencyInsightsCopyLeft.url
Created December 21, 2022 20:33
GitHub Org Insights Dependencies - CopyLeft License Filter
javascript:window.location.href=window.location.href+'?query=license%3AGPL-2.0+license%3AGPL-3.0+license%3ALGPL-2.0+license%3ALGPL-3.0+license%3AAGPL-1.0+license%3AAGPL-1.0-only+license%3AAGPL-1.0-or-later+license%3AAGPL-3.0+license%3AAGPL-3.0-only+license%3AAGPL-3.0-or-later+license%3ARPL-1.1+license%3ARPL-1.5+license%3ARPSL-1.0+license%3AOCLC-2.0+license%3ANGPL+license%3AODbL-1.0+license%3AMS-RL+license%3AOSL-1.0+license%3AOSL-1.1+license%3AOSL-2.0+license%3AOSL-2.1+license%3AOSL-3.0+license%3AMPL-2.0+license%3AMPL-1.0+license%3AMPL-1.1+license%3AMPL-2.0-no-copyleft-exception+license%3AEPL-1.0+license%3AEPL-2.0%27;
@felickz
felickz / PrintOdd.ps1
Created October 25, 2021 20:38
Write script that prints out odd numbers between 1 and 10
1..10 | %{ $_ % 2 -eq 0 ? $null : (Write-Host "$_") }
@felickz
felickz / logman-iis-dotnet-cf.txt
Created June 21, 2021 15:28
.NET Perfmon Counters
\.NET CLR Exceptions(w3wp)\# of Exceps Thrown
\.NET CLR Exceptions(w3wp)\# of Exceps Thrown / sec
\.NET CLR Exceptions(w3wp)\# of Filters / sec
\.NET CLR Exceptions(w3wp)\# of Finallys / sec
\.NET CLR Exceptions(w3wp)\Throw To Catch Depth / sec
\.NET CLR LocksAndThreads(w3wp)\# of current logical Threads
\.NET CLR LocksAndThreads(w3wp)\# of current physical Threads
\.NET CLR LocksAndThreads(w3wp)\# of current recognized threads
\.NET CLR LocksAndThreads(w3wp)\# of total recognized threads
\.NET CLR LocksAndThreads(w3wp)\Contention Rate / sec
$symbols = '!@#$%^&*'.ToCharArray()
$characterList = 'a'..'z' + 'A'..'Z' + '0'..'9' + $symbols
function GeneratePassword {
param(
[Parameter(Mandatory = $false)]
[ValidateRange(12, 256)]
[int]
$length = 14
)
$breakTimeMin = 10; 0..($breakTimeMin-1)|%{ Write-Progress -Activity "<Conference Name Goes Here>" -Status "next session begins in: $($breakTimeMin - $_) minutes" -PercentComplete ($_ / $breakTimeMin * 100); sleep 60; }