Juan judavi

  • Palet Town
@judavi
judavi / Readme.md
Last active June 4, 2020 09:59
Certificates stuff

Get the SSL certificate of a website using openssl command:

$ echo | openssl s_client -servername NAME -connect HOST:PORT |\
  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > certificate.crt

CA Bundle Path

judavi / Readme.md
Last active January 23, 2020 15:11
Kritis Katakoda quick setup
judavi / Readme.md
Last active January 13, 2020 11:14
in-toto First Review

in-toto

Formal definition

This document describes in-toto, a system for securing the way in which software is developed, built, tested, and packaged (i.e., the software supply chain). in-toto attests to the integrity and verifiability of all the actions performed while writing code, compiling, testing, and deploying software. It does so by making it transparent to the user what steps were performed, by whom and in what order. As a result, given guidance by the group creating the software, in-toto allows the user to verify if a step in the supply chain was intended to be performed, if the step was performed by the right actor, and attests that materials (e.g., source code) were not tampered with between steps.

101 Version

in-toto defines a layout for the end-to-end process. This layout includes a series of steps and the actors that will perform them. Each step has some outputs that are signed with the public key of the actor performing the step. At the end of the process in-toto verify

judavi / script.sh
Created November 27, 2019 11:31
Debug errors starting Docker Daemon
/usr/bin/dockerd -H unix://
# Sometimes on RHEL7 it is necessary to create the docker group
sudo groupadd docker
sudo usermod -aG docker $USER
newgrp docker
judavi / drop.sql
Created November 21, 2019 16:42
Drop all tables/info from Grafeas Oracle
drop table projects cascade CONSTRAINTS;
drop sequence projects_seq;
drop trigger projects_seq_tr;
drop table notes cascade CONSTRAINTS;
drop trigger notes_seq_tr;
drop table occurrences cascade CONSTRAINTS;
drop trigger occurrences_seq_tr;
drop trigger projects_seq_tr;
drop sequence projects_seq;
drop sequence notes_seq;
judavi / note.json
Created November 14, 2019 12:00
Grafeas Testing Json
{
"name": "projects/ccc/notes/CVE-2015-2730",
"shortDescription": "CVE-2015-2730",
"longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:N/I:P/A:N",
"kind": "VULNERABILITY",
"relatedUrl": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2015-2730",
"label": "More Info"
},
judavi / generate_docker_cert.sh
Created November 4, 2019 15:13 — forked from bradrydzewski/generate_docker_cert.sh
Generate trusted CA certificates for running Docker with HTTPS
#!/bin/bash
#
# Generates client and server certificates used to enable HTTPS
# remote authentication to a Docker daemon.
#
# See http://docs.docker.com/articles/https/
#
# To start the Docker Daemon:
#
# sudo docker -d \
judavi / TODO.md
Last active October 31, 2019 08:02
Grafeas TODO
judavi / build-and-run.log
Created October 9, 2019 10:03
Grafeas-build
[judavi@grafeas grafeas]$ git status
# On branch master
# Untracked files:
# (use "git add <file>..." to include in what will be committed)
#
# go/v1beta1/main/config.yaml
nothing added to commit but untracked files present (use "git add" to track)
[judavi@grafeas grafeas]$ make
# protoc and tools need to be run before all of the other generations.
go generate ./protoc
judavi / Readme.md
Last active August 22, 2019 12:50
Download CVE notes from Grafeas API in Google Container registry

This is a script to download CVE notes from Grafeas. It could be really handy if you need to populate your Grafeas instance with some initial information