Abhay Bhargav abhaybhargav
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <title>ReactJS Live Code Demo</title> | |
| <script src="https://unpkg.com/react@15/dist/react.js"></script> | |
| <script src="https://unpkg.com/react-dom@15/dist/react-dom.js"></script> | |
| <script src="https://unpkg.com/url-parse@1.4.3/dist/url-parse.js"></script> | |
| </head> | |
| <body> | |
| <div id="entities"></div> | |
| <div id="attributes"></div> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <title>Output Escaping Demo</title> | |
| <script src="https://cdnjs.cloudflare.com/ajax/libs/dompurify/2.0.8/purify.min.js"></script> | |
| </head> | |
| <body> | |
| <script> | |
| //Filter for Anchor HREF | |
| var dirtyHref = 'javascript:alert(1)'; | |
| var link = document.createElement('a'); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Copyright 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"). | |
| # You may not use this file except in compliance with the License. | |
| # A copy of the License is located at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # or in the "license" file accompanying this file. This file is distributed | |
| # on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either |
abhaybhargav
/ CustomRegression.robot
Last active
September 10, 2019 09:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| *** Settings *** | |
| Library REST http://${TARGET_URI}/ | |
| Library Playbot ${PROJECT} ${TARGET_NAME} ${TP_API} | |
| Library Collections | |
| Library String | |
| *** Variables *** | |
| ${TARGET_URI} 157.230.132.204:3000 | |
| ${PROJECT} demo | |
| ${TP_LOGIN} admin@admin.com |
abhaybhargav
/ attack_tree_example.json
Created
August 31, 2019 02:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"id":"925ebe3d-65bf-4d48-be3d-dc4bb86a18ce","title":"Steal Customer Info from other Reps","mindmap":{"root":{"id":"c556daf7-9465-4793-959d-d1ddf553788f","parentId":null,"text":{"caption":"Steal Customer Info from other Reps","font":{"style":"normal","weight":"bold","decoration":"none","size":20,"color":"#000000"}},"offset":{"x":0,"y":0},"foldChildren":false,"branchColor":"#000000","children":[{"id":"b6cd1bc9-3a78-4560-b680-a8da3e3c16a3","parentId":"c556daf7-9465-4793-959d-d1ddf553788f","text":{"caption":"Leverage other Rep(s)","font":{"style":"normal","weight":"normal","decoration":"none","size":15,"color":"#000000"}},"offset":{"x":127.96875,"y":-27.4375},"foldChildren":false,"branchColor":"#ad9b69","children":[{"id":"95482943-20c2-46d1-9220-a4b24f833dff","parentId":"b6cd1bc9-3a78-4560-b680-a8da3e3c16a3","text":{"caption":"Threaten other rep","font":{"style":"normal","weight":"normal","decoration":"none","size":15,"color":"#000000"}},"offset":{"x":205.57194010416666,"y":-135.65152994791666},"foldChildren":fa |
abhaybhargav
/ create-upload.yaml
Last active
August 29, 2019 07:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| objectType: Feature | |
| name: create_upload_expense | |
| description: As a user, I am able to create and upload expenses within project limit that have been incurred by me for processing/payment by my manager, so I can get reimbursed | |
| abuse_cases: | |
| - name: manipulate expense information | |
| description: As a malicious user, I will manipulate expense management process to get larger or bogus expenses into the system. | |
| threat_scenarios: | |
| - name: sql injection expense limit bypass | |
| type: repo | |
| description: Perform SQL Injection to compromise the Database, and raise project budget limits or bypass expense controls |
abhaybhargav
/ approve-expense.yaml
Created
August 29, 2019 07:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| objectType: Feature | |
| name: approve_expense | |
| description: As a Project Manager, I would like to approve legitimate expenses from my employees | |
| abuse_cases: | |
| - name: manipulate expense approval | |
| description: As a malicious user, I will manipulate the expense approval process so I can get bogus expense approved | |
| threat_scenarios: | |
| - name: sql injection expense limit bypass | |
| type: repo | |
| description: Perform SQL Injection to compromise the Database, and raise project budget limits or bypass expense controls |
abhaybhargav
/ CustomLight.policy
Last active
August 2, 2019 19:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="no"?> | |
| <configuration> | |
| <policy>CustomLight</policy> | |
| <scanner> | |
| <level>LOW</level> | |
| <strength>LOW</strength> | |
| </scanner> | |
| <plugins> | |
| <p6> | |
| <enabled>false</enabled> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alert(1) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| resource "aws_kms_key" "s3_key" { | |
| description = "This key is used to encrypt bucket objects" | |
| deletion_window_in_days = 10 | |
| } | |
| resource "random_string" "bucket_name" { | |
| length = 10 | |
| special = false | |
| upper = false | |
| } |