aN0mad

iknowjason / aws_key.toml

Created July 23, 2021 01:07

AWS gitleaks configuration for access keys and secret

	title = "gitleaks aws secrets config"
	[[rules]]
	description = "AWS Key ID"
	regex = '''(A3T[A-Z0-9]\|AKIA\|AGPA\|AIDA\|AROA\|AIPA\|ANPA\|ANVA\|ASIA)[A-Z0-9]{16}'''
	tags = ["key", "AWS"]
	[[rules]]
	description = "AWS Secret Key2"
	regex = '''(?i)aws_secret_key='''
	tags = ["key", "AWS"]

ChoiSG / rsrcDecryptAssembly.nim

Last active September 19, 2022 17:31

embed .net, decrypt, load and execute in nim poc

	import nimcrypto
	import winim/clr except `[]` # https://s3cur3th1ssh1t.github.io/Playing-with-OffensiveNim/ <-- thank you so much, 2 hours googling I almost went crazy

	#[
	All credit goes to @byt3bl33d3r (OffensiveNim) and @s3cur3th1ssh1t

	nimble install winim nimcrypto zippy
	nim c -d:danger -d:strip --opt:size rsrcDecryptAssembly.nim

	slurp = "staticRead" will read the file and store it in the variable (.rdata) on compile time.

iknowjason / gitleaks_docker.sh

Last active February 16, 2022 19:00

aws_key.toml and gitleaks docker in one line

	# Credit and props to Manoel Abreu @reefbr - Thank you man!
	# This one-liner uses dockerized gitleaks to detect a custom toml file with AWS access keys and secret
	wget https://gist.githubusercontent.com/iknowjason/64914c08c0512f7380dbe7240812d69d/raw/6044896415ba9adc02a055fe774f67e31ecddad0/aws_key.toml; docker run --rm -v "$PWD:/script" -v <GIT_DIRECTORY_FULL_PATH>/:/code/ --name=gitleaks zricethezav/gitleaks -v detect -c=/script/aws_key.toml -p=/code