alfredocambera

#!/usr/bin/env python

# prints all the records in all the zones in colums separated by ','.
# It uses raw mode to handle pagination to iterate over zones and records

import CloudFlare

separator=","
cf = CloudFlare.CloudFlare(token='REPLACE_WITH_YOUR_OWN_CF_TOKEN', raw=True)
per_page = 10

lukeplausin

# This script will explain how to transfer a file to EC2 using SSM ONLY!

# You will need to have permission to run SSM commands on the target machine and have sudo access as well

# Infos
INSTANCE_ID=i-1234567890
FILE_NAME=the_file.tar.gz

# Step 1: Run command on machine to install netcat and dump from port to filename
# < Start session

ssstonebraker

{
    "username": "brakertech",
    "export_time": "2021-01-28T23:14:25.004Z",
    "export_type": "Account Items",
    "service_command_library": [
        {
            "service": "http",
            "sort_order": null,
            "name": "davtest",
            "command": "davtest -url http://$ip:$port",

gregn610

---
AWSTemplateFormatVersion: 2010-09-09

Description: "Conformance Pack of Operational Best Practices for Amazon S3 with Remediation."

Resources:
  ConformancePackS3Operations:
    Type: AWS::Config::ConformancePack
    Properties:
      ConformancePackName: "CyberOpsS3RemediationOperations"

SwitHak

CVE-2020-0601 AKA ChainOfFools OR CurveBall

General

• Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
• The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
• The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation

• NSA description:
• NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.

ropnop

function dockershell() {
    docker run --rm -i -t --entrypoint=/bin/bash "$@"
}

function dockershellsh() {
    docker run --rm -i -t --entrypoint=/bin/sh "$@"
}

function dockershellhere() {
    dirname=${PWD##*/}

davidmoremad

AWS-CLI Cheatsheet

Table of content

• Installation
• EC2
  • UTIL: List all instances
  • UTIL: List specific fields of all instances
  • UTIL: List all instances of a product
• UTIL: List all stopped instances

JohnLaTwC

#!/bin/bash
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
#This is the Old-ReBuild Lady job copy
#
#Goal:
# The goal of this campaign is as follows;
# - To keep the internet safe.
# - To keep them hackers from causing real damage to organisations.
# - We know you feel We are a potential threat, well We ain't.

ag-michael

<style>
#reportrow {
  position:relative;
  overflow-wrap:anywhere;
  border-bottom:solid 1px;
}
</style>

<div class="panel panel-info" ng-if="success">
    <div class="panel-heading">

ag-michael

timestamp convert:

 convert ctime(timestamp/1000)

.top,.club,.xyz,.ru domain lookups where the amount of lookup for the domain is more than 1 and less than 4 per computer

aid=* event_simpleName=DnsRequest | regex DomainName=".*\.top$|.*\.club$|.*\.xyz$|.*\.ru$|[0-9]+.*\.\w$" | stats values(ComputerName) count by DomainName| where count <4 | sort – count