Install OpenSSL on Debian-based systems
sudo apt-get install openssl
$ curl --help
Usage: curl [options...] <url>
--abstract-unix-socket <path> Connect via abstract Unix domain socket
--alt-svc <file name> Enable alt-svc with this cache file
--anyauth Pick any authentication method
-a, --append Append to target file when uploading
--basic Use HTTP Basic Authentication
--cacert <file> CA certificate to verify peer against
--capath <dir> CA directory to verify peer against
-E, --cert <certificate[:password]> Client certificate file and password
#!/bin/bash
# This script attempts to locate potential dangling domains on AWS. You need AWS CLI installed and your keys configured
# Make sure you insert your Bing API key below as well.
# All the sleeps were necessary to not allocate the same IP address multiple times
while true
do
unset IP
#!/bin/bash
REGIONS=`aws ec2 describe-regions --query Regions[].RegionName --output text`
for r in $REGIONS ; do
VAULTS=`aws backup list-backup-vaults --query BackupVaultList[].BackupVaultName --output text --region $r`
for v in $VAULTS ; do
RECOVERY_POINTS=`aws backup list-recovery-points-by-backup-vault --backup-vault-name $v --query RecoveryPoints[].RecoveryPointArn --output text --region $r`
for a in $RECOVERY_POINTS ; do
I had a heck of a time getting a Cuckoo sandbox running, and below I hope to help you get one up and running relatively quickly by detailing out the steps and gotchas I stumbled across along the way. I mention this in the references at the end of this gist, but what you see here is heavily influenced by this article from Nviso
# ---------------------------------------------------------------------------
#
# Description: This file holds all my BASH configurations and aliases
#
# Sections:
# 1. Environment Configuration
# 2. Make Terminal Better (remapping defaults and adding functionality)
# 3. File and Folder Management
# 4. Searching
# 5. Process Management
#!/usr/bin/python3
import random
name = ['Jack-Rabbit', 'Elephant', 'Donkey', 'Walrus']
seed = random.randint(1,120)
names = random.sample(name, len(name))
print(names)
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/support.html#Support.Client.describe_trusted_advisor_check_result
{
'result': {
'checkId': 'string',
'timestamp': 'string',
'status': 'string',
'resourcesSummary': {
'resourcesProcessed': 123,
'resourcesFlagged': 123,
filter Expand-DefenderAVSignatureDB { | |
<# | |
.SYNOPSIS | |
Decompresses a Windows Defender AV signature database (.VDM file). | |
.DESCRIPTION | |
Expand-DefenderAVSignatureDB extracts a Windows Defender AV signature database (.VDM file). This function was developed by reversing mpengine.dll and with the help of Tavis Ormandy and his LoadLibrary project (https://github.com/taviso/loadlibrary). Note: Currently, "scrambled" databases are not supported although, I have yet to encounter a scrambled database. Thus far, all databases I've encountered are zlib-compressed. |
# Carbon Black Evil PowerShell LSASS Query | |
# | |
# Prints out malicious Powershell events that have a crossproc event for c:\windows\system32\lsass.exe | |
# | |
# Author: Jason Lang (@curi0usJack) | |
# | |
# Prereqs (Windows 10) | |
# Install bash on Win10 | |
# sudo apt-get install python-pip | |
# sudo pip install --upgrade requests |