- https://youtube.com/@campingwithsteve (personal experience camping)
- https://youtube.com/@WeirdExplorer (personal experience fruit/culture)
- https://youtube.com/@AlexRothman (history/culture)
- https://youtube.com/@PeterSantenello (investigative journalism about travel/cultures)
- https://youtube.com/@Azeal (interviews about human experiences (if you believe them))
- https://youtube.com/@HorsesOnYT (reflective cultural analysis)
- https://youtube.com/@justinmonarch (reflective self help philosophy)
- https://youtube.com/@NoBoilerplate (systematic self help)
mbrownnycnyc
mbrownnycnyc
/ youtube.md
Last active
April 9, 2024 12:12
youtube channels that are worth watching. I would be disappointed if they stopped putting out content. (note that I specifically am not posting anything related to software development, cybersec or AI)
mbrownnycnyc
/ less-awesome-ai.md
Last active
March 23, 2024 22:58
less awesome ai. a practical take on gen ai for normal people.
mbrownnycnyc
/ generate-att&ckjson.ps1
Created
February 8, 2023 21:22
quick way to produce att&ck navigator layers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #baseline_layer.json is exported layer from the navigator... there certainly is a way to create the json from scratch reviewing specs, but it was very fsat to just do this. | |
| $sourcefile = ".attack nav layers\baseline_layer.json" | |
| $offtechoutfile = ".\attack nav layers\offensive_techs.json" | |
| $deftechoutfile = ".\attack nav layers\defensive_techs.json" | |
| #goal here is to: | |
| # define two att&ck navigator layer json files | |
| # one is for offensive techniques |
mbrownnycnyc
/ modify-attackjson.ps1
Last active
January 12, 2023 00:22
modify an att&ck navigator json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $orcacomplianceframework = @" | |
| Collection - Automated Collection - T1119 | |
| Collection - Data from Cloud Storage - T1530 | |
| Collection - Data from Information Repositories - T1213 | |
| Collection - Data Staged - T1074 | |
| Collection - Email Collection - T1114 | |
| Credential Access - Brute Force - T1110 | |
| Credential Access - Forge Web Credentials - T1606 | |
| Credential Access - Modify Authentication Process - T1556 | |
| Credential Access - Multi-Factor Authentication Request Generation - T1621 |
mbrownnycnyc
/ get-chokepointtechniques.ps1
Last active
January 19, 2023 19:08
Process ATT&CK and D3FEND data to indicate likelihood an ATT&CK technique is a choke point as defined in this article (https://medium.com/mitre-engenuity/where-to-begin-prioritizing-att-ck-techniques-c535b50983f4). This theory considers the following conjecture: MITRE will assign research hours to align with prioritization of offensive technique…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # summary: | |
| # Process ATT&CK and D3FEND data to indicate likelihood an ATT&CK technique is a choke point as defined in this article (https://medium.com/mitre-engenuity/where-to-begin-prioritizing-att-ck-techniques-c535b50983f4). This theory considers the following conjecture: MITRE will assign research hours to align with prioritization of offensive technique (resulting severity, frequency of observation, etc). This theory considers the following facts: ATT&CK procedure examples are well documented, D3FEND offensive blast radius is well documented. | |
| # Remember to see "Limitations and future work" section of the above blog post/article. | |
| # also see "BIASES WHEN MAPPING TO MITRE ATT&CK" section of (https://www.cisa.gov/uscert/sites/default/files/publications/Best%20Practices%20for%20MITRE%20ATTCK%20Mapping.pdf) | |
| # this covers the following biases: Novelty bias, Visibility bias, Producer bias, Victim bias, Availability bias... | |
| # you won't ever be able to eliminate these, either within yourself, on your team, o |
mbrownnycnyc
/ foreach-concurrentdict.ps1
Last active
December 21, 2022 14:17
Thread safe disctionary and using -parallel switch with foreach in powershell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # summary of code covered here: https://isc.sans.edu/diary/Port%20Scanning%20in%20Powershell%20Redux%3A%20Speeding%20Up%20the%20Results%20%28challenge%20accepted!%29/29324 | |
| $gkeclusters = [System.Collections.Concurrent.ConcurrentDictionary[string,object]]::new() | |
| $gcpprojects.projectId | % -ThrottleLimit 10 -Parallel { | |
| write-host "checking $($_)" | |
| $dict = $using:gkeclusters | |
| $dict.TryAdd($(gcloud container clusters list --project $_ --format json), $_) | out-null | |
| } |
mbrownnycnyc
/ get-xfcvssdata.ps1
Last active
September 16, 2022 19:46
gather interesting cvss data from x-force
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $cvelist = "CVE-2022-32868","CVE-2022-32886","CVE-2022-32912","CVE-2022-32891","CVE-2022-32854","CVE-2022-32911","CVE-2022-32864","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32795","CVE-2022-32868","CVE-2022-32872","CVE-2022-32886","CVE-2022-32902","CVE-2022-32896","CVE-2022-32911","CVE-2022-32864","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32900","CVE-2022-32902","CVE-2022-32854","CVE-2022-32896","CVE-2022-32911","CVE-2022-32864","CVE-2022-32894","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32900","CVE-2022-32854","CVE-2022-32911","CVE-2022-32864","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32795","CVE-2022-32868","CVE-2022-32872","CVE-2022-32886","CVE-2022-32912","CVE-2022-32893" | |
| $baseurl = "https://api.xforce.ibmcloud.com/" | |
| $apikey = "xxxx" | |
| $apipass = "yyyy" | |
| $encodeme = $apikey+":"+$apipass | |
| $access_token = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($encodeme)) | |
| $headers = @{"Authorization"= "Basic $access_token"; |
mbrownnycnyc
/ gitlab-search.py
Last active
September 26, 2022 17:23
gitlab code searcher based on https://github.com/tuimm/gitlab-search, but added enum for all branches and regex string matches. need to add multithreading and dumping data to disk upon receipt.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import gitlab | |
| import re | |
| def search(gitlab_server, token, file_filter, regextofind, group=None, project_filter=None): | |
| return_value = [] | |
| gl = gitlab.Gitlab(gitlab_server, private_token=token) | |
| if (project_filter == '') and (group == ''): | |
| projects = gl.projects.list(all=True) | |
| else: | |
| group_object = gl.groups.get(group) |
mbrownnycnyc
/ parse_awscli_json_output.ps1
Last active
September 14, 2022 17:41
deal with json for filtering in powershell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # parse elbv2 | |
| $targetjson = get-content "elbv2-listener-allowing-cleartext.json" | ConvertFrom-Json | |
| $interestingdata = @() | |
| foreach ($item in $targetjson) { | |
| $tempobj = "" | select dnsname, arn, vpcid, tags, listener_80_defaultaction_type, sg_tags, sg_used_by | |
| $tempobj.dnsname = $item.DNSName | |
| $tempobj.arn = $item.arn | |
| $tempobj.vpcid = $item.VpcId |
mbrownnycnyc
/ worksheet.ps1
Last active
June 23, 2022 19:52
script used to assist in building a risk scoring spreadsheet for AD prived groups and users (adjust baseline risk of each group)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/appendix-b--privileged-accounts-and-groups-in-active-directory | |
| $userrights_readable = "Access Credential Manager as a trusted caller","Access this computer from the network","Act as part of the operating system","Add workstations to domain","Adjust memory quotas for a process","Allow log on locally","Allow log on through Remote Desktop Services","Back up files and directories","Bypass traverse checking","Change the system time","Change the time zone","Create a pagefile","Create a token object","Create global objects","Create permanent shared objects","Create symbolic links","Debug programs","Deny access to this computer from the network","Deny log on as a batch job","Deny log on as a service","Deny log on locally","Deny log on through Terminal Services","Enable computer and user accounts to be trusted for delegation","Force shutdown from a remote system","Generate security audits","Impersonate a client after authenti |
NewerOlder