Skip to content

Instantly share code, notes, and snippets.

Avatar

Kinnaird McQuade kmcquade

View GitHub Profile
@kmcquade
kmcquade / pw_example.py
Created January 25, 2023 21:49
pw_example.py
View pw_example.py
"""
Gmail doesn't work using regular recording. It will only work if you run the recording script and then wrap the recorded script in this
"""
from playwright.sync_api import Playwright, sync_playwright, expect
from playwright._impl._api_types import Error as PlaywrightError
def run(pw: Playwright) -> None:
args = [
@kmcquade
kmcquade / ldbdump.py
Created November 6, 2022 20:23 — forked from mkorthof/ldbdump.py
ldbdump - dumps LevelDB keys/values
View ldbdump.py
#!/usr/bin/python3
# ldbdump - dumps LevelDB keys/values
#
# a LevelDB is a dir with files such a these:
# 000050.ldb 000100.log CURRENT LOCK LOG MANIFEST-000099
#
# sources: https://github.com/tos-kamiya/levelobjdb dump()
import os
View install-firing-range.sh
#!/bin/bash
# Clone the Firing Range Repository
git clone https://github.com/google/firing-range.git
# Change to 'firing-range' directory
cd firing-range
# Download the AppEngine SDK
wget https://storage.googleapis.com/appengine-sdks/featured/appengine-java-sdk-1.9.23.zip
@kmcquade
kmcquade / risky-actions-example.yml
Created December 10, 2021 18:06
Explanation for a vendor on a potential way to represent risky action combinations for their product via yaml
View risky-actions-example.yml
###
# Format is below
#
# risk-name:
# target-name: # AND logic
# - service:actionName
# - service:act*
#
####
# List of high priority resource exposure actions here: https://gist.github.com/kmcquade/3161a6737285dc0508a9fa3446e22090
View Resource Exposure Actions.md

IAM Actions that can expose resources via Resource Based Policies

ACM Private CAs:

CloudWatch Logs:

  • logs:PutResourcePolicy: Creates or updates a resource policy allowing other AWS services to put log events to this account
  • logs:DeleteResourcePolicy: Deletes a resource policy from this account. This revokes the access of the identities in that policy to put log events to this account.
@kmcquade
kmcquade / requirements.txt
Created September 20, 2021 18:01
Run Terraform get recursively using python-terraform
View requirements.txt
python_terraform==0.10.1
View explanation.md

This explains a current issue in the ZAP Automation Framework where ZAP will perform tests even when they are explicitly excluded from the scan results - that is, even when you set defaultThreshold (which is supposed to apply as the default for all scan rules) or threshold (rule-specific settings) to 'Off', the checks are still performed.

Instructions

  • mkdir -p /tmp/zap/
  • Save the template.yaml YAML file to /tmp/zap/template.yaml
  • Run these commands to trigger the scan:
@kmcquade
kmcquade / template.yaml
Created July 17, 2021 22:14
ZAP Automation Template example - works with v0.4, runs against Google firing range
View template.yaml
--- # OWASP ZAP automation configuration file, for more details see https://www.zaproxy.org/docs/automate/automation-framework/
env: # The environment, mandatory
contexts : # List of 1 or more contexts, mandatory
- name: context 1 # Name to be used to refer to this context in other jobs, mandatory
urls: # A mandatory list of top level urls, everything under each url will be included
- https://public-firing-range.appspot.com/
includePaths: # An optional list of regexes to include
excludePaths: # An optional list of regexes to exclude
authentication: # TBA: In time to cover all auth configs
vars: # List of 1 or more variables, can be used throughout the config
@kmcquade
kmcquade / template.yml
Created June 23, 2021 16:56
2021-06-23: ZAP Automation Framework troubleshooting
View template.yml
---
# OWASP ZAP automation configuration file, for more details see https://www.zaproxy.com/docs/(TBA)
env: # The environment, mandatory
contexts: # List of 1 or more contexts, mandatory
- name: context 1 # Name to be used to refer to this context in other jobs, mandatory
url: http://demo.testfire.net # The top level url, mandatory, everything under this will be included
includePaths: # TBA: An optional list of regexes to include
excludePaths: # TBA: An optional list of regexes to exclude
authentication: # TBA: In time to cover all auth configs
parameters:
View zap-template-question.yaml
--- # OWASP ZAP automation configuration file, for more details see https://www.zaproxy.com/docs/(TBA)
env: # The environment, mandatory
contexts: # List of 1 or more contexts, mandatory
- name: context 1 # Name to be used to refer to this context in other jobs, mandatory
url: http://demo.testfire.net/ # The top level url, mandatory, everything under this will be included
includePaths: # TBA: An optional list of regexes to include
excludePaths: # TBA: An optional list of regexes to exclude
authentication: # TBA: In time to cover all auth configs
parameters:
failOnError: true # If set exit on an error