Skip to content

Instantly share code, notes, and snippets.

🦠
I'm really good at keeping secrets quarantined.

Joe Garcia infamousjoeg

🦠
I'm really good at keeping secrets quarantined.
Block or report user

Report or block infamousjoeg

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View gist:c9c16c2a98c5142cdcc42677b1c88740

Homebrew Formula for a Go app

These are quick notes from making my own Formula and Tap.

Add go build script to your Git repo

gobuild.sh

#!/bin/bash
@infamousjoeg
infamousjoeg / enableTLS.ps1
Created Apr 14, 2020
Force PowerShell to permanently use TLS and not SSL by "Enabling Strong Cryptography"
View enableTLS.ps1
# Open PowerShell as Administrator and check the current enabled protocols
[Net.ServicePointManager]::SecurityProtocol
# When I ran this, my output was:
# sslv2, tls
# Set strong cryptography on 64 bit .Net Framework (version 4 and above)
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord
# Set strong cryptography on 32 bit .Net Framework (version 4 and above)
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord
@infamousjoeg
infamousjoeg / backup.sh
Last active Apr 7, 2020
CyberArk Conjur Shell Scripts used by Security Services
View backup.sh
#!/bin/bash
RETENTION_DAYS=30
if [[ "$(curl -k https://localhost/info)" == *"\"role\": \"master\""* ]];then
# delete backups older than 30 days
find /opt/conjur/backup -maxdepth 1 -type f -mtime +$RETENTION_DAYS -print | grep Z.tar.xz.gpg | xargs /bin/rm -f
# run the backup
docker exec dap evoke backup
fi
@infamousjoeg
infamousjoeg / setgetsecret.sh
Created Apr 1, 2020
Script to Set/Get secret variables in CyberArk Conjur & DAP - By: @jodyhuntatx
View setgetsecret.sh
#!/bin/bash
# Authenticates as a user and gets or sets value of a specified variable.
# If you set the environment variables AUTHN_USERNAME and AUTHN_PASSWORD
# to appropriate values, you can avoid having to enter the admin username
# and password every time this script runs.
# Note that 'set' does not correctly handle values containing whitespace.
CONJUR_APPLIANCE_URL=""
CONJUR_ACCOUNT=""
@infamousjoeg
infamousjoeg / AAMCP-GetPassword.cs
Created Jan 17, 2020
CyberArk AAM Credential Provider - Using CLIPasswordSDK.exe in .NET Core
View AAMCP-GetPassword.cs
public class ValuesController : ControllerBase
{
public ActionResult<string> Get()
{
using (var process = new Process())
{
process.StartInfo.FileName = @"C:\Program Files (x86)\CyberArk\ApplicationPasswordSdk\CLIPasswordSDK.exe";
process.StartInfo.Arguments = @"GetPassword /p AppDescs.AppID=""AppId"" /p Query=""Safe=SafeName;Username=Username"" /p RequiredProps=* /o Address,Username";
process.StartInfo.CreateNoWindow = true;
process.StartInfo.UseShellExecute = false;
@infamousjoeg
infamousjoeg / protectCredential.ps1
Last active Feb 5, 2020
Protecting Credentials Retrieved using @cyberark AAM Credential Providers in PowerShell Scripts [Recommended Best Practice]
View protectCredential.ps1
# Import the modules to be used
Import-Module psPAS # https://github.com/pspete/psPAS
Import-Module CredentialRetriever # https://github.com/pspete/CredentialRetriever
# Before login, we'll request the credentials from AAM and immediately pass the PSCredential object for secure login
New-PASSession -BaseURI https://pvwa.joegarcia.dev -Credential $(Get-CCPCredential -URL https://pvwa.joegarcia.dev -AppID ApplicationID -Safe SafeName -UserName ServiceManagerUser).ToCredential() -type LDAP
# Do stuff here...
# Finally,
@infamousjoeg
infamousjoeg / prism-powershell-cyberark.js
Created Dec 28, 2019
Prismjs Component - PowerShell: CyberArk Edition (featuring psPAS functions)
View prism-powershell-cyberark.js
(function (Prism) {
var powershell = Prism.languages.powershell = {
'comment': [
{
pattern: /(^|[^`])<#[\s\S]*?#>/,
lookbehind: true
},
{
pattern: /(^|[^`])#.*/,
@infamousjoeg
infamousjoeg / psPAS-OneLiners.ps1
Last active Dec 3, 2019
Collection of helpful psPAS one-liners
View psPAS-OneLiners.ps1
# Before every one-liner before, remember to import the psPAS module and create a new PAS session (unless you're already logged in.) https://github.com/pspete/psPAS
Import-Module psPAS
# You no longer have to consume the session token for later use as of psPAS v3+
New-PASSession -BaseURI https://cyberark.joegarcia.dev -Type ldap -Credential $(Get-Credential)
###########################################
# List Safe Members by Specific Permission
@infamousjoeg
infamousjoeg / update-dap.pem
Created Oct 8, 2019
/etc/letsencrypt/renewal-hooks/deploy/update-dap.pem - LetsEncrypt Deployment Script for Renewed SSL Certificates
View update-dap.pem
#!/bin/bash
DOMAIN="dap.joegarcia.dev"
[[ $RENEWED_LINEAGE != "/etc/letsencrypt/live/$DOMAIN" ]] && exit 0
echo "Updating dap.joegarcia.dev SSL certificates"
sudo docker cp /etc/letsencrypt/live/$DOMAIN/privkey.pem dap:/root/privkey.pem
sudo docker cp /etc/letsencrypt/live/$DOMAIN/cert.pem dap:/root/cert.pem
docker exec dap evoke ca import --key /root/privkey.pem --set /root/cert.pem
@infamousjoeg
infamousjoeg / RobertSafeFactory.ps1
Last active Sep 6, 2019
CyberArk Safe Search & Permission Granting
View RobertSafeFactory.ps1
Import-Module psPAS
### VARIABLES
# Base URI to PVWA as validated on the certificate
$baseURI = "https://cyberark.joegarcia.dev"
# API Automation Username
$userName = "Svc_RESTAPI"
### LOGIN
You can’t perform that action at this time.