Skip to content

Instantly share code, notes, and snippets.

View njmulsqb's full-sized avatar
💻
Contributing to FOSS

Najam Ul Saqib njmulsqb

💻
Contributing to FOSS
44 followers · 45 following
View GitHub Profile
@njmulsqb
njmulsqb / RGE-KQL-DoC.md
Last active February 22, 2023 14:41
Defender for Cloud KQL

Azure Defender for Cloud KQL Queries

These are the queries that I wrote and found useful to extract data using Azure Resource Graph Explorer

Security Alerts

Fetch all the active suspicious authentication activities

SecurityResources
| where type == "microsoft.security/locations/alerts" and properties.AlertDisplayName=="Suspicious authentication activity" and properties.Status=="Active"

Fetch all the active suspicious authentication activities (Only Start Time and Hostname)

@njmulsqb
njmulsqb / sourcemapWrapper.py
Created June 12, 2022 15:46
This is the wrapper I made around SourceMapper tool to fetch sourcemaps on large scale. Blog post: https://njmulsqb.github.io/2022/05/31/Hunting-Sourcemaps-On-Steroids.html
import sys
import subprocess
import os
parentDir = 'sourceMapsToJS'
sourceMapURL = sys.argv[1]
dirName = sourceMapURL.strip(
'https://').strip('http://').strip('www.').replace('/', '-').replace('.', '-')
if not os.path.exists(parentDir):
os.mkdir(parentDir)
@njmulsqb
njmulsqb / awesome-security-projects.md
Last active April 23, 2023 17:04
Awesome Security Projects

Awesome-Security-Repos

Here's a list of github repos and tools that I believe are awesome and should be promoted and used.

Source Code Analysis

  1. Semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  2. RegexPassive - Collection of regexp pattern for security passive scanning
  3. Secure Codebox - secureCodeBox (SCB) - continuous secure delivery out of the box

Wordlist and Payloads