John Jediny JJediny

View GitHub Profile
@JJediny
JJediny / security hardness 2.md
Created December 3, 2016 05:10 — forked from jacobian/security hardness 2.md
Security Hardness - another idea

This is a draft "security hardness scale", designed to somewhat roughly quantify the level of effort of a penetration test -- since simply measuring "how many vulns did you find" is a terrible measurement of success. The goal is to measure the "hardness" of the system under test in a way that's a bit quantitative.

The result is a score from 1-10. The scale is inspired by the Mohs Hardness Scale in that it's simply an ordinal scale, not an absolute one. That is, the "gap" between 3 and 4 doesn't have to be the same "difficulty increase" as the gap between 5 and 6. It's simply a way of rating that one pentest was "harder" than another. (This is in lieu of being able to measure "hardness" in any truly quantitative way.)

Instructions:

JJediny / DISA-STIG-CCI2NIST-800-53.csv
Last active August 28, 2024 21:42
DISA STIG CCI to NIST-800-53 mapping converted into csv file http://iase.disa.mil/stigs/cci/Pages/index.aspx
id,status,publishdate,contributor,definition,type,NIST800-53rev,control,NIST800-53rev,control,NIST800-53rev,control
CCI-001545,draft,2010-05-11,DISA FSO,The organization defines a frequency for reviewing and updating the access control policy.,policy,4,AC-1 b 1,3,AC-1 a,1,AC-1.2 (i)
CCI-001546,draft,2010-05-11,DISA FSO,The organization defines a frequency for reviewing and updating the access control procedures.,policy,4,AC-1 b 2,3,AC-1 b,1,AC-1.2 (iii)
CCI-000001,draft,2009-05-13,DISA FSO,"The organization develops an access control policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.",policy,4,AC-1 a 1,3,AC-1 a,1,AC-1.1 (i and ii)
CCI-000004,draft,2009-05-13,DISA FSO,The organization develops procedures to facilitate the implementation of the access control policy and associated access controls.,policy,4,AC-1 a 2,3,AC-1 b,1,AC-1.1 (iv and v)
CCI-000002,draft,2009-09-14,DISA FSO,The organization disseminates the ac
JJediny / NISTFramework-ImprovingCriticalInfrastructureCybersecurity_v11.yml
Last active August 6, 2020 19:27
Updated to Draft v1.1 on 1/13/2017. YAML representation of the NIST Framework for Improving Critical Infrastructure Cybersecurity https://www.nist.gov/cyberframework
# Source: NIST Framework for Improving Critical Infrastructure Cybersecurity https://www.nist.gov/cyberframework
# Updated: 1/13/2017 - Updated with Draft v1.1 https://www.nist.gov/cyberframework/draft-version-11
---
# NIST CSF has three levels: Function -> Category -> Subcategory
################
# Function #
################
-
Title: Identify
JJediny / Helpful_Hacks.md
Last active October 30, 2016 02:42
Helpful Hacks

Listening to which DNS servers an application is calling during installation (hint: listen on the docker or vagrant/VM interface):

'wireshark -f "udp port 53" -Y "dns.qry.type == A and dns.flags.response == 0"'

Quick Docker Monitoring - cAdvisor

docker run                                      \
 --volume=/:/rootfs:ro \
JJediny / LoggingMonitoringSource.txt
Created September 8, 2016 18:02
Logging and Monitoring Sources from
# Monitorix - configuration file
#
# See monitorix.conf(5) manpage for a detailed description of each option.
#
title = Place a title here
hostname =
theme_color = black
refresh_rate = 150
iface_mode = graph
JJediny / NIST800-53_Assignments.yml
Last active November 16, 2017 02:09
Work in Progress: NIST Control Assignments and Minimum Requirements for Low, Moderate, High Systems (w/ NIST/FEDRAMP/DOD Requirements) from http://iasecontent.disa.mil/cloud/SRG/index.html
# TO DO - Figure out overarching schema as document generated from unstructured text
# Only Half is valid YAML
#####
# DOD Guide uses Impact Level -> which generally equates to FIPS-199 levels
# 2 = Low (All systems)
# 4-5 = Moderate
# 6 = High
---
- control: AC-1
JJediny / Transmission.stl
Last active July 17, 2016 05:49
Transmission Scan from a Public Document... had to test out http://svg2stl.com/ @ 5mm
agency_name bureau_name agency_code bureau_code treasury_code cgac_code usagov_directory_id parent_match New ID Check different Merged ID Disagree Final ID
Legislative Branch Senate 1 5 0 0 0 #N/A #N/A 0 Err:504
Legislative Branch House of Representatives 1 10 0 0 0 #N/A #N/A 0 Err:504
Legislative Branch Joint Items 1 11 0 0 0 #N/A #N/A 0 Err:504
Legislative Branch Capitol Police 1 13 2 2 0 #N/A #N/A 0 Err:504
Legislative Branch Office of Compliance 1 12 9 9 49579 0 49579 1 49579 0 49579
Legislative Branch Congressional Budget Office 1 14 8 8 49167 0 #N/A #N/A 49167 Err:504 49167
Legislative Branch Architect of the Capitol 1 15 1 1 49088 0 49088 1 49088 0 49088
Legislative Branch Botanic Garden 1 18 9 9 0 #N/A #N/A 0 Err:504
Legislative Branch Library of Congress 1 25 3 3 52628 0 #N/A #N/A 52628 Err:504 52628