SELECT timestamp, target, conn_info->'ciphersuite'
FROM scans
WHERE has_tls = 'true'
AND completion_perc = 100
ORDER BY timestamp DESC LIMIT 1;
Title: Modern web application security
Speaker: Julien Vehent
Bio: Julien leads the Firefox Operations Security team at Mozilla, tasked with defining, implementing and operating the security of Firefox's backend services and release engineering infrastructure. Julien's background is in web applications security, services architecture, cryptography and risk management. Julien is the author of "Securing DevOps", published at Manning Editions. More at https://jve.linuxwall.info/jve.html
Abstract:
It is 2018 and your websites are still getting targeted on a daily basis. Your WAF rules are so complex no one wants to touch them, and every time you're done reviewing the next javascript framework, a new one has popped up on Hacker News, and shipped in production. Your bug bounty program alerts you of a new XSS every other week, and there's no end in sight. Meanwhile, your boss keeps asking if you're on the latest version of Apache Struts, terrified to become the next Equifax. Suffice to say, web application sec
$ go run main.go -i ~/app-rocket-webkit-release-1816-signed.apk -o /tmp/rocket-aligned.signed.apk -v 2>&1| grep padding
2018/01/11 08:16:59 --- res/drawable-hdpi-v4/common_google_signin_btn_icon_dark_normal_background.9.png: padding 3 bytes
2018/01/11 08:16:59 --- res/drawable-hdpi-v4/design_ic_visibility.png: padding 1 bytes
2018/01/11 08:16:59 --- res/drawable-hdpi-v4/googleg_disabled_color_18.png: padding 3 bytes
2018/01/11 08:16:59 --- res/drawable-hdpi-v4/home_pattern.png: padding 1 bytes
2018/01/11 08:16:59 --- res/drawable-hdpi-v4/ic_notification.png: padding 3 bytes
2018/01/11 08:16:59 --- res/drawable-hdpi-v4/logotype.png: padding 1 bytes
2018/01/11 08:16:59 --- res/drawable-mdpi-v4/common_google_signin_btn_icon_dark_normal_background.9.png: padding 3 bytes
2018/01/11 08:16:59 --- res/drawable-mdpi-v4/design_ic_visibility.png: padding 1 bytes
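The "padding N bytes" lines above are what an APK aligner reports per uncompressed entry: Android mmaps STORED resources straight out of the archive, so their data must start on a 4-byte boundary, and the aligner grows each local header's extra field by the missing bytes. The following is an added example, written for this page and not the Go tool whose output is shown; it walks the zip local file headers to compute the same per-entry padding, then rewrites the archive aligned. The input archive is constructed inline, and the 0xD935 extra-field id used for the padding record is an assumption (any well-formed id would do).

```python
#!/usr/bin/env python3
"""Report and fix the 4-byte alignment of uncompressed APK entries.

Added example, not the Go tool whose output the gist shows. Android mmaps
STORED (uncompressed) resources straight out of the APK, so each such entry's
data must begin on a 4-byte boundary. Aligners grow the local header's extra
field by the missing bytes; that is the per-file "padding N bytes" above.
"""
import io
import struct
import zipfile

LOCAL_HEADER_SIG = 0x04034B50
LOCAL_HEADER_LEN = 30          # fixed part; filename and extra field follow it
ALIGN = 4
ALIGN_EXTRA_ID = 0xD935        # assumption: id for the padding record (as AOSP zipalign uses)


def required_padding(apk_bytes, align=ALIGN):
    """[(name, data_offset, padding)] for every STORED entry, in file order."""
    rows = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for info in sorted(zf.infolist(), key=lambda i: i.header_offset):
            off = info.header_offset
            fields = struct.unpack_from("<IHHHHHIIIHH", apk_bytes, off)
            sig, method, name_len, extra_len = fields[0], fields[3], fields[9], fields[10]
            if sig != LOCAL_HEADER_SIG:
                raise ValueError("bad local header at %d for %s" % (off, info.filename))
            if method != zipfile.ZIP_STORED:
                continue          # deflated entries get inflated anyway; alignment is moot
            data_start = off + LOCAL_HEADER_LEN + name_len + extra_len
            rows.append((info.filename, data_start, (align - data_start % align) % align))
    return rows


def align_apk(apk_bytes, align=ALIGN):
    """Rewrite the archive so every STORED entry's data starts on an `align` boundary."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as src, zipfile.ZipFile(out, "w") as dst:
        for info in sorted(src.infolist(), key=lambda i: i.header_offset):
            new = zipfile.ZipInfo(info.filename, date_time=info.date_time)
            new.compress_type = info.compress_type
            new.external_attr = info.external_attr
            if info.compress_type == zipfile.ZIP_STORED:
                # the next local header lands at the current end of the output stream
                base = out.tell() + LOCAL_HEADER_LEN + len(info.filename.encode("utf-8"))
                if base % align:
                    # a well-formed extra record is (id, length, payload): 4 header bytes
                    # plus as many zero bytes as the alignment still needs after them
                    pad = (align - (base + 4) % align) % align
                    new.extra = struct.pack("<HH", ALIGN_EXTRA_ID, pad) + b"\0" * pad
            dst.writestr(new, src.read(info.filename))
    return out.getvalue()


def build_sample_apk():
    """Constructed stand-in for an APK: two STORED PNGs and one deflated dex (test input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("res/drawable/logotype.png", b"\x89PNG", compress_type=zipfile.ZIP_STORED)
        zf.writestr("res/drawable/ic.png", b"\x89PNGdata", compress_type=zipfile.ZIP_STORED)
        zf.writestr("classes.dex", b"dex\n035\0" * 16, compress_type=zipfile.ZIP_DEFLATED)
    return buf.getvalue()


def read_entry(apk_bytes, name):
    """Contents of one entry, to check that the rewrite kept the data intact."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        return zf.read(name)


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as f:
        blob = f.read()
    for name, _, pad in required_padding(blob):
        print("--- %s: padding %d bytes" % (name, pad))
```

Note that alignment has to be redone after any step that rewrites the archive, which is why the gist's tool runs on an already signed APK: v1 (JAR) signing only touches META-INF entries, but re-zipping shifts every offset after the first changed entry.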
# zap-baseline rule configuration file
# change FAIL to IGNORE to ignore a rule, or IGNORE to FAIL to fail the scan when the rule matches
# only the rule identifiers are used - the names are just for info
2 IGNORE (Private IP Disclosure)
10010 FAIL (Cookie No HttpOnly Flag)
10011 FAIL (Cookie Without Secure Flag)
10012 IGNORE (Password Autocomplete in browser)
10016 IGNORE (Web Browser XSS Protection Not Enabled)
# Warn on 10017 for now, need to decide how to handle SRI (subresource integrity) better
# 10017 FAIL (Cross-Domain JavaScript Source File Inclusion)
- The service must have performed a Rapid Risk Assessment and have a Risk Record bug
- Public staging and production endpoints must be added to the security baseline
- Access and application logs must be archived for a minimum of 90 days
- Use Modern or Intermediate TLS
#!/usr/bin/python
"""
tool to manipulate digital signatures in PE files
commands:
- delete signed-file unsigned-file
- copy signed-source-file unsigned-file signed-file
- extract signed-file signature
- add signature unsigned-file signed-file
"""
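The gist preview stops at the docstring, so as an added example (not the gist's own tool) here is the core of the `extract` and `delete` commands in Python. It follows the PE/COFF layout: the Security data directory (index 4 in the optional header) holds a raw file offset, not an RVA, plus a size, and the bytes there are WIN_CERTIFICATE records appended after the last section. Deleting a signature is therefore "zero the directory entry and drop the table"; the example refuses to truncate when the table is not the file's tail, which is an assumption about how signing tools lay files out. The sample PE32+ image is constructed inline for testing and is not a real binary.

```python
#!/usr/bin/env python3
"""Locate, extract and strip the Authenticode certificate table of a PE file.

Added example, not the gist's own tool. Layout follows the PE/COFF spec:
the Security data directory (index 4) holds a raw file offset (not an RVA)
and a size, and the bytes there are WIN_CERTIFICATE records appended after
the last section. Deleting the table = zero the directory entry + truncate.
"""
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def security_directory_entry(data):
    """File offset of the 8-byte Security directory entry (VirtualAddress, Size)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        num_dirs_off, dirs_off = 92, 96      # PE32: 28 standard + 68 windows-specific bytes
    elif magic == PE32PLUS_MAGIC:
        num_dirs_off, dirs_off = 108, 112    # PE32+: 24 standard + 88 windows-specific bytes
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_dirs = struct.unpack_from("<I", data, opt + num_dirs_off)[0]
    entry = opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_of_optional:
        raise ValueError("image has no Security data directory")
    return entry


def extract_signature(data):
    """Return the raw certificate table (WIN_CERTIFICATE blob) or None if unsigned."""
    offset, size = struct.unpack_from("<II", data, security_directory_entry(data))
    if offset == 0 or size == 0:
        return None
    if offset + size > len(data):
        raise ValueError("certificate table runs past end of file")
    # WIN_CERTIFICATE header: dwLength, wRevision (0x0200), wCertificateType (0x0002 = PKCS#7)
    length, _revision, _cert_type = struct.unpack_from("<IHH", data, offset)
    if length > size:
        raise ValueError("WIN_CERTIFICATE dwLength exceeds directory size")
    return data[offset:offset + size]


def delete_signature(data):
    """Return a copy with the certificate table removed and the directory entry zeroed."""
    entry = security_directory_entry(data)
    offset, size = struct.unpack_from("<II", data, entry)
    if offset == 0 or size == 0:
        return bytes(data)
    # Assumption (how signtool/osslsigncode lay files out): the table is the file's tail.
    # Anything else would need relocation logic, so refuse rather than corrupt the image.
    if offset + size != len(data):
        raise ValueError("certificate table is not at end of file; refusing to truncate")
    out = bytearray(data[:offset])
    struct.pack_into("<II", out, entry, 0, 0)
    return bytes(out)


def build_sample_pe(cert_payload=b"\x30\x82\x00\x00fake-pkcs7"):
    """Constructed minimal PE32+ image with one WIN_CERTIFICATE appended (test input only)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                          # e_lfanew: PE header at 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)  # SizeOfOptionalHeader = 240
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC)
    struct.pack_into("<I", opt, 108, 16)                           # NumberOfRvaAndSizes
    image = dos + b"PE\0\0" + coff + opt
    image += b"\0" * (512 - len(image))                            # stand-in for the sections
    body_len = 8 + len(cert_payload)
    padded = (body_len + 7) & ~7                                   # table entries are 8-byte aligned
    cert = struct.pack("<IHH", body_len, 0x0200, 0x0002) + cert_payload + b"\0" * (padded - body_len)
    struct.pack_into("<II", image, security_directory_entry(image), len(image), len(cert))
    return bytes(image) + cert


if __name__ == "__main__":
    # usage: pesig.py extract|delete <in.exe> <out>
    cmd, src, dst = sys.argv[1:4]
    with open(src, "rb") as f:
        image = f.read()
    result = extract_signature(image) if cmd == "extract" else delete_signature(image)
    with open(dst, "wb") as f:
        f.write(result or b"")
```

The `copy` and `add` commands are the inverse: append the blob to the unsigned file and point the Security directory at it. They only produce a valid signature if the unsigned file is byte-identical to what was originally signed, because the Authenticode hash covers the whole image except the checksum field, the Security directory entry and the table itself.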
"Languages that use spaces, not tabs | |
autocmd FileType js :setlocal sw=4 ts=4 sts=4 expandtab | |
autocmd FileType lua :setlocal sw=2 ts=2 sts=2 expandtab | |
autocmd FileType python :setlocal sw=4 ts=4 sts=4 expandtab | |
autocmd FileType yaml :setlocal sw=4 ts=4 sts=4 expandtab | |
autocmd FileType pp :setlocal sw=4 ts=4 sts=4 expandtab | |
"Languages that use tabs, not spaces | |
autocmd FileType php :setlocal sw=3 ts=3 sts=3 noexpandtab | |
autocmd FileType c :setlocal sw=6 ts=6 sts=6 noexpandtab | |
autocmd FileType cpp :setlocal sw=4 ts=4 sts=4 noexpandtab |
#!/usr/bin/env bash
# configuration
VPC=vpc-24e97b4d
IGW=igw-9f59e9f6
MAINRT=rtb-ae92f4c7
REGION=us-east-2
SSHKEY=jvehent-cloudservicesawsdev-us-east-2-20170513
# print an error and abort; the rest of the script is not shown in this preview
fail() {
    echo "error: $*" >&2
    exit 1
}
require "io" | |
local msg = { | |
Timestamp = nil, | |
Type = "logfile", | |
Hostname = "localhost", | |
Logger = "cloudtrail", | |
Payload = nil, | |
Fields = nil | |
} |