# This will automatically install the Sumo Logic collector on AWS Elastic
# Beanstalk instances. Add this to the .ebextensions folder in your app root
# and edit L24-25 to match your Sumo Logic accessid and accesskey. To add or
# remove tracked files, simply add or remove source hashes to the sources
# array on L36.
packages:
  rpm:
    SumoCollector: https://collectors.sumologic.com/rest/download/rpm/64
services:
#!/bin/sh
if id -u sumo >/dev/null 2>&1; then
    echo "User sumo exists..."
else
    groupadd -f sumo &&
    useradd -g sumo sumo
    echo "Create user sumo..."
fi
/opt/SumoCollector/collector stop > /dev/null 2>&1 || true
from collections import defaultdict
import boto3
"""
A tool for retrieving basic information from the running EC2 instances.
"""
# Connect to EC2
ec2 = boto3.resource('ec2')
Overview
- https://virustotal.github.io/yara/
- https://en.wikipedia.org/wiki/Clam_AntiVirus
YARA Repositories
- https://github.com/Yara-Rules/rules | |
- https://github.com/InQuest/awesome-yara#rules | |
- https://github.com/VirusTotal/yara | |
- https://github.com/Neo23x0/signature-base/tree/master/yara |
IAM Permission | Params
---|---
amplify:CreateApp | iamServiceRoleArn
amplify:UpdateApp | iamServiceRoleArn
appconfig:CreateConfigurationProfile | RetrievalRoleArn
appconfig:UpdateConfigurationProfile | RetrievalRoleArn
appflow:CreateConnectorProfile | connectorProfileConfig.connectorProfileProperties.Redshift.roleArn
appflow:UpdateConnectorProfile | connectorProfileConfig.connectorProfileProperties.Redshift.roleArn
application-autoscaling:RegisterScalableTarget | RoleARN
apprunner:CreateService | SourceConfiguration.AuthenticationConfiguration.AccessRoleArn\|InstanceConfiguration.InstanceRoleArn
apprunner:UpdateService | SourceConfiguration.AuthenticationConfiguration.AccessRoleArn\|InstanceConfiguration.InstanceRoleArn