NolaCon 2017 GBC04 EDNS Client Subnet ECS DNS CDN Magic or Secur Jim Nitterauer
archive.is not resolving under 1.1.1.1 Cloudflare DNS resolver
Resolving Google using two different IP address will provide two different results.
| #! /usr/bin/env sh | |
| while getopts sf:p ARG | |
| do | |
| case "${ARG}" in | |
| s) SHORT_LIST=1;; | |
| f) FILEPATH=${OPTARG};; | |
| p) PULL=1;; | |
| *) echo "\nReads GCP cloudbuild config, lists secrets contained in the file\n\nUsage: $(basename $0) [-s] -f filename\n -s short output, do not display google secrets path\n -f cloudbuild config to read\n -p list values for the secrets from GCP, in a format ready to be exported into bash\n\n" && exit 1; | |
| esac |
| #! /usr/bin/env sh | |
| set -o pipefail | |
| FILEPATH=$1; shift; | |
| function pull_secrets { | |
| MANIFEST=$1; shift; | |
| SECRETS=$(cat "${MANIFEST}" | jq -r '.availableSecrets.secretManager[] | .env + "=" + .versionName'); | |
| PROJECT_ID=$(gcloud projects list --filter $(gcloud config get project) --format="value(PROJECT_NUMBER)") |
| https://github.com/Hammerspoon/hammerspoon/discussions/3379 | |
| https://www.guerrilladigital.cc/2021/02/18/no-elgato-stream-deck-no-problem-i-reprogrammed-my-akai-lpd8-to-work-as-an-obs-scene-switcher/ | |
| -- A quick hammerspoon to use the buttons on my Akai LPD8 | |
| -- which is a pretty fun little drum pad that can be had | |
| -- for $40-50 bucks if you shop around: | |
| -- https://images.reverb.com/image/upload/s--TanFLw05--/t_card-square/v1571420337/zzyfza1vf8wsxjynymgr.jpg | |
| devices = hs.midi.virtualSources() |
| id: newline_search_params | |
| info: | |
| name: newline_search_params | |
| author: f | |
| severity: low | |
| description: search param set to newline results in empty response | |
| tags: inputvalidation | |
| requests: |
| // go to https://github.com/orgs/ORGNAME/repositories, open JS console | |
| // run the below. Once done, extract with "JSON.parse(sessionStorage.repolist).forEach((e)=>{console.log(e)})" | |
| // | |
| // The following will covert from https to ssh endpoint link | |
| // %s/$/.git/ | |
| // %s/https:\/\//git@/ | |
| // %s/\.com\//\.com:/ | |
| // | |
| extract(); | |
| function extract(){ |
Spectral Ops preflight provides an easy way to add an integrity check to the pipe installed, turning them into 'curl | checksum | bash'.
The process takes has two steps:
| if (-Not([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")){ | |
| Write-Host "Not admin, elvevating" | |
| Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit | |
| } | |
| else { | |
| Write-Host "I hate PS so, so much" | |
| Start-Sleep -Second 5 | |
| } |
There is an increasing count of applications which use Authy for two-factor authentication. However many users who aren't using Authy, have their own authenticator setup up already and do not wish to use two applications for generating passwords.
Since I use 1Password for all of my password storing/generating needs, I was looking for a solution to use Authy passwords on that. I couldn't find any completely working solutions, however I stumbled upon a gist by Brian Hartvigsen. His post had a neat code with it to generate QR codes for you to use on your favorite authenticator.
His method is to extract the secret keys using Authy's Google Chrome app via Developer Tools. If this was not possible, I guess people would be reverse engineering the Android app or something like that. But when I tried that code, nothing appeared on the screen. My guess is that Brian used the
| ASAP | |
| * No IAM users, the exceptions are cases where username/password is a requirement that cannot be changed. | |
| * Users login as roles, it OK to start with * for Action and Resource | |
| * Role policy requires MFA | |
| * use aws-vault | |
| Practices/functionality to adopt soon | |
| * create org structure | |
| * terraform (or similar) | |
| * account per project/environment |
