{
  "properties": {
    "displayName": "Linux machines should meet requirements for the Azure compute security baseline - custom 2",
    "policyType": "Custom",
    "mode": "Indexed",
    "description": "Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if the machine is not configured correctly for one of the recommendations in the Azure compute security baseline.",
    "metadata": {
      "category": "Guest Configuration",
      "createdBy": "73175a57-a138-4125-8bf9-8373cff050bf",
      "createdOn": "2023-11-14T20:27:31.7401264Z",

{
  "properties": {
    "displayName": "Linux machines should meet requirements for the Azure compute security baseline",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if the machine is not configured correctly for one of the recommendations in the Azure compute security baseline.",
    "metadata": {
      "version": "2.1.0",
      "category": "Guest Configuration",
      "requiredProviders": [

{
  "properties": {
    "displayName": "Block all azure vm extensions policy",
    "policyType": "Custom",
    "mode": "All",
    "metadata": {
      "version": "2.0.0",
      "createdBy": "73175a57-a138-4125-8bf9-8373cff050bf",
      "createdOn": "2023-11-09T19:12:54.3579633Z",
      "updatedBy": null,

variable "region" {
  default = "us-east-1"
}
resource "aws_ec2_host" "example_host" {
  instance_type     = "mac1.metal"
  availability_zone = "us-east-2b"
}
data "aws_ami" "macos" {

# Secrets scanning at scale: 3 different tools
# trufflehog
#!/bin/bash
# 1. get all repos: gh repo list <organization> --limit 1000 > repos.txt
# 2. parse repos.txt so each line looks similar to: https://github.com/username/repo-name.git
# Remotely scan the repos using trufflehog without downloading
while IFS= read -r repo
do

# Credit and props to Manoel Abreu @reefbr - Thank you man!
# This one-liner runs dockerized gitleaks with a custom TOML config file to detect AWS access keys and secrets
wget https://gist.githubusercontent.com/iknowjason/64914c08c0512f7380dbe7240812d69d/raw/6044896415ba9adc02a055fe774f67e31ecddad0/aws_key.toml; docker run --rm -v "$PWD:/script" -v <GIT_DIRECTORY_FULL_PATH>/:/code/ --name=gitleaks zricethezav/gitleaks -v detect -c=/script/aws_key.toml -p=/code |
title = "gitleaks aws secrets config"
[[rules]]
description = "AWS Key ID"
regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''
tags = ["key", "AWS"]
[[rules]]
description = "AWS Secret Key2"
regex = '''(?i)aws_secret_key='''
tags = ["key", "AWS"]

# Start with a DNS domain as seed, and do some recon to check if the domain is M365 / Azure tenant hosted
# Insert your domain environment variable below
DOMAIN="microsoft.com"
# Check the getuserrealm.srf endpoint for domain information
# Check autodiscover.$DOMAIN DNS entry
host autodiscover.$DOMAIN
# Note: Checks autodiscover forward lookup ~ you should see a CNAME record for autodiscover.$DOMAIN pointing to autodiscover.outlook.com

###
# Author: Jason Ostrom
###
#
# Description: Connect to a redis server and print unique values for keys
#
###
# 1. Install python redis client
# $ sudo pip3 install redis
# 2. Edit your HOST

### Step 1: Edit your masscan command in the variable line below, correctly specifying your hosts and ports. You don't need to change the '-oJ mscan.xml' line as this is required.
masscan_command = "sudo masscan 192.168.7.0/24 --rate 20000 -p1-3000 -oG mscan.xml"
#Example masscan_command = "sudo masscan 192.168.7.0/24 --rate 20000 -p1-65535 -oG mscan.xml"
#Example masscan_command = "sudo masscan 192.168.7.0/24 -p1-65535 -oG mscan.xml"
### Note: Make sure your output file name is 'mscan.txt'
### Step 2: Run this script
### python3 masscan_nmap4.py
import os |