Skip to content

Instantly share code, notes, and snippets.

View magnologan's full-sized avatar

Magno Logan magnologan

339 followers · 275 following
View GitHub Profile
@magnologan
magnologan / mitre_attack_oneliners.sh
Created June 29, 2023 17:16 — forked from thomaspatzke/mitre_attack_oneliners.sh
MITRE ATT&CK oneliners
# Requires: curl, jq
# Download MITRE ATT&CK data from GitHub repository
curl -o enterprise-attack.json https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json
# List all ATT&CK object types
jq -r '[ .objects[].type ] | unique | .[]' enterprise-attack.json
# List all ATT&CK technique identifiers
jq -r '[ .objects[] | select(.type == "attack-pattern") | .external_references[] | select(.source_name == "mitre-attack") | .external_id ] | sort | .[]' enterprise-attack.json
@magnologan
magnologan / Preparation to App Sec Engineer Interview and Questions
Created April 8, 2023 18:12 — forked from themoonofendor/Preparation to App Sec Engineer Interview and Questions
- Threat Modelling / Code Review —
Resources-for-Application-Security
How to prepare for a security engineer interview by Eray Mitrani
Security_Engineer_Interview_Questions by Tad Whitaker
Security Engineer - Interview Questions by Namish
@magnologan
magnologan / windows_hardening.cmd
Created February 26, 2023 02:15 — forked from mackwage/windows_hardening.cmd
Script to perform some hardening of Windows OS
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:
@magnologan
magnologan / index.html
Created January 12, 2023 14:03 — forked from looselytyped/index.html
Containers in 3 weeks — Week 1 (nginx test file)
<!DOCTYPE html>
<html lang="en">
<head>
<!-- BLATANTLY STOLEN FROM https://getbootstrap.com/docs/4.1/examples/cover/ -->
<title>Docker Workshop</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous">
<style>
/*
@magnologan
magnologan / Setup.md
Created January 12, 2023 14:02 — forked from looselytyped/Setup.md
Containers in 3 weeks - Set up

Containers in 3 weeks — Week 1/2 setup

Installation

You will need Docker installed! Here is a link to get you started. Proceed after you are done installing.

Warm up your engines!

@magnologan
magnologan / Security Conferences.md
Created November 3, 2022 09:29 — forked from guyru/Security Conferences.md
@magnologan
magnologan / cloudTrailEventNames.list
Created September 13, 2022 14:26 — forked from pkazi/cloudTrailEventNames.list
List of values for parameter EventName in AWS Cloudtrail events
AbortDocumentVersionUpload
AbortEnvironmentUpdate
AbortMultipartUpload
AbortVaultLock
AcceptAccountMapping
AcceptCertificateTransfer
AcceptDelegate
AcceptDirectConnectGatewayAssociationProposal
AcceptFxPaymentCurrencyTermsAndConditions
AcceptHandshake
@magnologan
magnologan / install-kubernetes-flannel-centos7.md
Created April 20, 2022 18:05 — forked from rkaramandi/install-kubernetes-flannel-centos7.md
Installing Kubernetes with the Flannel Network Plugin on CentOS 7

Install Prerequisites on ALL (Worker and Master) Nodes

Let's remove any old versions of Docker if they exist:

sudo yum remove docker \
                  docker-common \
                  docker-selinux \
                  docker-engine
@magnologan
magnologan / log4j.md
Created December 15, 2021 19:49 — forked from noperator/log4j.md
Emerging threat details on CVE-2021-44228 in Apache Log4j

Update: Please see Bishop Fox's rapid response post Log4j Vulnerability: Impact Analysis for latest updates about this vulnerability.

Technologies using Apache Log4j

The Cosmos 🌌 team at Bishop Fox 🦊 is currently researching open-source projects that appear to use Log4j by default.

  • Apache Druid
  • Apache Dubbo
  • Apache Flink
  • Apache Flume
@magnologan
magnologan / 20211210-TLP-WHITE_LOG4J.md
Created December 13, 2021 14:55 — forked from SwitHak/20211210-TLP-WHITE_LOG4J.md
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-12 2204 UTC

Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great ressources