Skip to content

Instantly share code, notes, and snippets.

Avatar

Kinnaird McQuade kmcquade

View GitHub Profile
@iann0036
iann0036 / gist:b473bbb3097c5f4c656ed3d07b4d2222
Last active Aug 30, 2022
List of expensive / long-term effect AWS IAM actions
View gist:b473bbb3097c5f4c656ed3d07b4d2222
route53domains:RegisterDomain
route53domains:RenewDomain
route53domains:TransferDomain
ec2:ModifyReservedInstances
ec2:PurchaseHostReservation
ec2:PurchaseReservedInstancesOffering
ec2:PurchaseScheduledInstances
rds:PurchaseReservedDBInstancesOffering
dynamodb:PurchaseReservedCapacityOfferings
s3:PutObjectRetention
@bkimminich
bkimminich / .vulns.yml.md
Last active Apr 29, 2022
A specification for declaring vulnerabilities in intentionally vulnerable applications ("vulnapps") to help scanners assess their own find rate
View .vulns.yml.md

.vulns.yml

A specification for declaring vulnerabilities in intentionally vulnerable applications ("vulnapps") to help scanners assess their own find rate.

Usage Concept

  1. A vulnerable application declares its vulnerabilities in an agreed schema in a .vulns.yml (or .vulns.json) file
@breser
breser / remove_unused_default_vpcs.sh
Last active Feb 19, 2021
remove_unused_default_vpcs.sh
View remove_unused_default_vpcs.sh
#!/bin/bash
# Delete Default VPCs
# Deletes Default VPCs across an entire organization if there are no ENIs in
# the default VPC.
#
# Assumes that ~/.aws/credentials has credentials to the root account for the
# AWS Organization. Assumes that the user/role you're logged into in the
# root account has permissions to assume the OrganizationAccountAccessRole in
# each member account. Requires jq and aws cli be installed on the path.
@kfosaaen
kfosaaen / MI-Owner-Escalation.ps1
Created Feb 14, 2020
A simple PoC for using an Azure Managed Identity to add a user as a Subscription Owner
View MI-Owner-Escalation.ps1
#---------Query MetaData for SubscriptionID---------#
$response2 = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/instance?api-version=2018-02-01' -Method GET -Headers @{Metadata="true"} -UseBasicParsing
$subID = ($response2.Content | ConvertFrom-Json).compute.subscriptionId
#---------Get OAuth Token---------#
$response = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/' -Method GET -Headers @{Metadata="true"} -UseBasicParsing
$content = $response.Content | ConvertFrom-Json
$ArmToken = $content.access_token
@patricksanders
patricksanders / summarize.py
Created Jan 31, 2020
Summarize IAM policy with policy_sentry
View summarize.py
import json
from policy_sentry.analysis.analyze import analyze_by_access_level, determine_actions_to_expand
from policy_sentry.shared.database import connect_db
DB_SESSION = connect_db('bundled') # Use the bundled data that comes with Policy Sentry
sample_policy = json.loads("""
{
"Statement":[
View aws_magic_ips.md

This is a list of all the magic IP addresses that are addressible in AWS.

IP Address Description
169.254.169.254 AWS Metadata Service
169.254.169.253 Alternate VPC DNS resolver
169.254.169.123 AWS Time Service
169.254.170.2 ECS Task Metadata
169.254.169.250 Windows Activation
169.254.169.251 Windows Activation
@jbriales
jbriales / jq.bash
Created Jun 23, 2019
Toy jq key autocompletion
View jq.bash
function jq() {
if [ -f $1 ]; then
FILE=$1; shift
# Move FILE at the end as expected by native jq
command jq "$@" "$FILE"
else
command jq "$@"
fi
}
@bgdnlp
bgdnlp / cognito-test.py
Last active Sep 22, 2022
Sign up and log in to Cognito, check tokens, then call an API. Details: https://www.neant.ro/aws/working-with-cognito-and-api-gateway-in-python.html
View cognito-test.py
#!/usr/bin/env python3
# Demonstrates the use of Python to work with Cognito.
# Create a new a user, log in, check tokens and call an API.
# The purpose was to learn about Cognito. Security has been
# circumvented in the interest of keeping it simple.
# Notably, the authentication procedure uses the most insecure
# method. This code is not intended for use in production.
#
# https://www.neant.ro/aws/working-with-cognito-and-api-gateway-in-python.html
View gist:489c188a154cb1074f724dec375318b2
a4b
account
acm
acm-pca
amplify
apigateway
application-autoscaling
appstream
appsync
artifact