Rahul Jadhav nyrahul

## check-job-status.sh
# Show all workloads/jobs
kubectl get workload -A  -o json | jq '.items[] | "\(.metadata.namespace) \(.metadata.name) \(.status.conditions[-1].type)"'

# Show Admitted workloads/jobs
kubectl get workload -A -o json | jq -c '.items[] | select(.status.conditions[-1].type == "Admitted") | [.metadata.namespace,.metadata.name]'

## cmds.sh
# Get all accuknox k8s jobs
kubectl get jobs -A --sort-by .status.startTime -l "kueue.x-k8s.io/queue-name=jobs-queue"

## clam.sh
#!/bin/bash

# Update scan database
sudo freshclam --datadir=$PWD/clamdb --foreground

# Run the scan on the given folder path
docker run \
    -it --rm \
    --mount type=bind,source=$PWD/env,target=/scandir \
    -v $PWD/clamdb:/clamdb \

## artifact api.sh
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
trivy image -f json -o results.json --timeout 3600s nginx:latest

curl --location 'https://cspm.demo.accuknox.com/api/v1/artifact/?tenant_id=2618&data_type=TR&save_to_s3=True&label_id=testknox' --header 'Tenant-Id: 2618' --header 'Authorization: Bearer <TOKEN>'  --form 'file=@"results.json"'

# Sonar qube scanner
sonar-scanner -Dsonar.token=<SQ-TOKEN> -Dsonar.projectKey=nimbus -Dsonar.analysis.mode=preview -Dsonar.report.export.path=sonar-report.json
curl -u <SQ-TOKEN>: 'http://35.188.10.229:9000/api/issues/search?components=nimbus' -o sonar-report.json
curl --location 'https://cspm.demo.accuknox.com/api/v1/artifact/?tenant_id=2509&data_type=SQ&save_to_s3=True&label_id=SAST' --header 'Tenant-Id: 2509' --header 'Authorization: Bearer <ARTIFACT-TOKEN>'  --form 'file=@"sonar-report.json"'

## ai-security-bookmarks.md

      
              1 file
            
          
              0 forks
            
          
              2 comments
            
          
              1 star
            
          
                nyrahul
                / ai-security-bookmarks.md
            
            
              Last active
              June 24, 2024 03:13
            
              
                AI Security bookmarks
              
          
    Public sources


Title
Type
Date
Comment


AI-Exploits
code

A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities


LLM-Guard
code

The Security Toolkit for LLM Interactions


Garak
code

LLM vulnerability scanner


NIST AI RMF Playbook
doc

NST AI RM Playbook


MITRE ATLAS
doc

Adversarial Threat Landscape for AI Systems


NIST AI 100-2e2023
doc

Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations


## prevent-crypto-miners.yaml
apiVersion: security.kubearmor.com/v1
kind: KubeArmorPolicy
metadata:
  name: prevent-crypto-miners
spec:
  selector:
    matchLabels:
      app: wordpress

  action: Block

## tenant-status.py
-----
# exec into any celery pod
# python3 manage.py shell
# Cut paste below code and execute
# kubectl exec -n accuknox-divy deployments/uwsgi -- python3 manage.py generate_report > report.csv

from django.core.management.base import BaseCommand
from django.db import connection
from django.utils import timezone
from django_tenants.utils import schema_context

## kind-cluster-issue-apparmor.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                nyrahul
                / kind-cluster-issue-apparmor.md
            
            
              Last active
              September 24, 2023 15:47
            
          
    Step 1: Create cluster

./create-cluster.sh

Step 2: Install apparmor utilities

# Install apparmor utilites in the kind cluster nodes
docker exec -it cluster01-worker bash -c "apt update && apt install apparmor-utils -y && systemctl restart containerd"
docker exec -it cluster01-control-plane bash -c "apt update && apt install apparmor-utils -y && systemctl restart containerd"


## pulsar-admin.sh
bin/pulsar-admin tenants list
bin/pulsar-admin namespaces list "accuknox"
bin/pulsar-admin topics list "accuknox/cluster"
bin/pulsar-admin topics list "accuknox/datapipeline"
bin/pulsar-admin topics stats "persistent://accuknox/datapipeline/kubearmoralerts" | less
bin/pulsar-admin topics examine-messages --initialPosition latest --messagePosition 1 "persistent://accuknox/datapipeline/kubearmoralerts"

bin/pulsar-admin topics clear-backlog -s "accuknox-data-offloader" "persistent://accuknox/datapipeline/kubearmoralerts"


## nmap-scan.sh
nmap -Pn -sT -p 3000 localhost --script ssl-cert --script ssl-enum-ciphers --script ssl-cert -oX t.xml
yq . t.xml -o json  --xml-attribute-prefix '' > t.json
	# Show all workloads/jobs
	kubectl get workload -A -o json \| jq '.items[] \| "\(.metadata.namespace) \(.metadata.name) \(.status.conditions[-1].type)"'

	# Show Admitted workloads/jobs
	kubectl get workload -A -o json \| jq -c '.items[] \| select(.status.conditions[-1].type == "Admitted") \| [.metadata.namespace,.metadata.name]'
	# Get all accuknox k8s jobs
	kubectl get jobs -A --sort-by .status.startTime -l "kueue.x-k8s.io/queue-name=jobs-queue"
	#!/bin/bash

	# Update scan database
	sudo freshclam --datadir=$PWD/clamdb --foreground

	# Run the scan on the given folder path
	docker run \
	-it --rm \
	--mount type=bind,source=$PWD/env,target=/scandir \
	-v $PWD/clamdb:/clamdb \
	curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh \| sh -s -- -b /usr/local/bin
	trivy image -f json -o results.json --timeout 3600s nginx:latest

	curl --location 'https://cspm.demo.accuknox.com/api/v1/artifact/?tenant_id=2618&data_type=TR&save_to_s3=True&label_id=testknox' --header 'Tenant-Id: 2618' --header 'Authorization: Bearer <TOKEN>' --form 'file=@"results.json"'

	# Sonar qube scanner
	sonar-scanner -Dsonar.token=<SQ-TOKEN> -Dsonar.projectKey=nimbus -Dsonar.analysis.mode=preview -Dsonar.report.export.path=sonar-report.json
	curl -u <SQ-TOKEN>: 'http://35.188.10.229:9000/api/issues/search?components=nimbus' -o sonar-report.json
	curl --location 'https://cspm.demo.accuknox.com/api/v1/artifact/?tenant_id=2509&data_type=SQ&save_to_s3=True&label_id=SAST' --header 'Tenant-Id: 2509' --header 'Authorization: Bearer <ARTIFACT-TOKEN>' --form 'file=@"sonar-report.json"'
Title	Type	Comment
AI-Exploits	code	A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
LLM-Guard	code	The Security Toolkit for LLM Interactions
Garak	code	LLM vulnerability scanner
NIST AI RMF Playbook	doc	NST AI RM Playbook
MITRE ATLAS	doc	Adversarial Threat Landscape for AI Systems
NIST AI 100-2e2023	doc	Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations
	apiVersion: security.kubearmor.com/v1
	kind: KubeArmorPolicy
	metadata:
	name: prevent-crypto-miners
	spec:
	selector:
	matchLabels:
	app: wordpress

	action: Block
	-----
	# exec into any celery pod
	# python3 manage.py shell
	# Cut paste below code and execute
	# kubectl exec -n accuknox-divy deployments/uwsgi -- python3 manage.py generate_report > report.csv

	from django.core.management.base import BaseCommand
	from django.db import connection
	from django.utils import timezone
	from django_tenants.utils import schema_context
	bin/pulsar-admin tenants list
	bin/pulsar-admin namespaces list "accuknox"
	bin/pulsar-admin topics list "accuknox/cluster"
	bin/pulsar-admin topics list "accuknox/datapipeline"
	bin/pulsar-admin topics stats "persistent://accuknox/datapipeline/kubearmoralerts" \| less
	bin/pulsar-admin topics examine-messages --initialPosition latest --messagePosition 1 "persistent://accuknox/datapipeline/kubearmoralerts"

	bin/pulsar-admin topics clear-backlog -s "accuknox-data-offloader" "persistent://accuknox/datapipeline/kubearmoralerts"
	nmap -Pn -sT -p 3000 localhost --script ssl-cert --script ssl-enum-ciphers --script ssl-cert -oX t.xml
	yq . t.xml -o json --xml-attribute-prefix '' > t.json