Skip to content

Instantly share code, notes, and snippets.

View hervekhg's full-sized avatar

Herve hervekhg

3 followers · 4 following
View GitHub Profile
@hervekhg
hervekhg / awsvsazure.md
Created October 21, 2022 14:42 — forked from vikpande/awsvsazure.md
AWS & Azure services comparision
TOPIC AWS AZURE FUNCTIONALITY
Compute E
@hervekhg
hervekhg / generate-wildcard-certificate.sh
Created July 22, 2021 10:22 — forked from PowerKiKi/generate-wildcard-certificate.sh
Generate self-signed wildcard SSL certificate for development environment
#!/usr/bin/env bash
# print usage
DOMAIN=$1
if [ -z "$1" ]; then
echo "USAGE: $0 domain.lan"
echo ""
echo "This will generate a non-secure self-signed wildcard certificate for given domain."
echo "This should only be used in a development environment."
@hervekhg
hervekhg / openssl-cheat.sh
Created July 22, 2021 08:00 — forked from alvarow/openssl-cheat.sh
OpenSSL and Keytool cheat sheet
# Generate a new key
openssl genrsa -out server.key 2048
# Generate a new CSR
openssl req -sha256 -new -key server.key -out server.csr
# Check certificate against CA
openssl verify -verbose -CApath ./CA/ -CAfile ./CA/cacert.pem cert.pem
# Self Signed
@hervekhg
hervekhg / windows_hardening.cmd
Created September 16, 2020 14:46 — forked from ricardojba/windows_hardening.cmd
A Windows hardening script
::###############################################################################################################
:: Credits and More info: https://gist.github.com/mackwage/08604751462126599d7e52f233490efe
:: https://github.com/LOLBAS-Project/LOLBAS
:: https://lolbas-project.github.io/
:: https://github.com/Disassembler0/Win10-Initial-Setup-Script
:: https://github.com/cryps1s/DARKSURGEON/tree/master/configuration/configuration-scripts
:: https://gist.github.com/alirobe/7f3b34ad89a159e6daa1#file-reclaimwindows10-ps1-L71
:: https://github.com/teusink/Home-Security-by-W10-Hardening
::
::###############################################################################################################
@hervekhg
hervekhg / lambdaendpoints3.py
Last active February 19, 2020 16:37
###############################################
## Author : HKO
## Date: 16/02/2020
## Description: This Lambda function Add Bucket in VPC S3 Endpoint Policy
#####################################################
from boto3 import resource, client
from logging import getLogger, info, error, debug
from os import environ
from botocore.exceptions import ClientError
@hervekhg
hervekhg / buckettoendpointpolicy.tf
Created February 19, 2020 14:47
data "aws_iam_policy_document" "lambda_policy_doc" {
statement {
effect = "Allow"
actions = [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"config:PutEvaluations",
]
@hervekhg
hervekhg / buckettoendpointpolicy.py
Last active February 19, 2020 16:23
###############################################
## Author : HKO
## Date: 16/02/2020
## Description: This Lambda function Add Bucket in VPC S3 Endpoint Policy
#####################################################
from boto3 import resource, client
from logging import getLogger, info, error, debug
from os import environ
from botocore.exceptions import ClientError
@hervekhg
hervekhg / enforcekmsencryption.py
Created January 17, 2020 17:10
###############################################
## Author : Hervekhg
## Description: This Lambda function enforce encryption on unencrypted S3 Bucket
#####################################################
from boto3 import resource, client
from logging import getLogger, info, error, debug
from os import environ
from botocore.exceptions import ClientError
@hervekhg
hervekhg / terraform_cmd.sh
Created January 17, 2020 16:28
cd terraform_code_folder
terraform init
terraform plan
terraform apply
@hervekhg
hervekhg / cloudwatch_event_target.tf
Created January 17, 2020 16:25
resource "aws_cloudwatch_event_target" "sns_target" {
arn = var.sns_topic_arn
rule = aws_cloudwatch_event_rule.daily.name
target_id = "send-sns-notification"
}