Gareth Rushgrove garethr
garethr
/ xss.attack
Created
September 18, 2013 09:18
Example using gauntlt and arachni to test for cross site scripting vulnerabilities in wackopicko
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| + | |
| +[+] 2 issues were detected. | |
| + | |
| +[+] [1] Trusted -- Cross-Site Scripting (XSS) | |
| +[~] ~~~~~~~~~~~~~~~~~~~~ | |
| +[~] ID Hash: ea37c74ba2614fa52840bfd152e892e01c918a0a7e92f600805cb79d24050ec2 | |
| +[~] Severity: High | |
| +[~] URL: http://victim/pictures/search.php | |
| +[~] Element: form | |
| +[~] Method: GET |
garethr
/ gist:6606714
Created
September 18, 2013 09:24
Simplistic grok filter for parsing naxsi errors from nginx logs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| grok { | |
| type => "nginx_error" | |
| match => ["message", "ip=%{IP:client_ip}&server=%{IP:server_ip}&uri=%{PATH:uri}&total_processed=%{NUMBER:total_processed}&total_blocked=%{NUMBER:total_blocked}&zone0=%{WORD:zone}&id0=%{NUMBER:id}"] | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Tuxtendo Rootkit [ Not found ] | |
| URK Rootkit [ Not found ] | |
| Vampire Rootkit [ Not found ] | |
| VcKit Rootkit [ Not found ] | |
| Volc Rootkit [ Not found ] | |
| Xzibit Rootkit [ Not found ] | |
| X-Org SunOS Rootkit [ Not found ] | |
| zaRwT.KiT Rootkit [ Not found ] | |
| ZK Rootkit [ Not found ] |
garethr
/ gist:6620976
Created
September 19, 2013 09:12
Simple naxsi configuration and example error log
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2013/09/18 08:59:57 [error] 891#0: *6 NAXSI_FMT: ip=192.168.50.20&server=victim&uri=/pictures/search.php&total_processed=14&total_blocked=7&zone0=ARGS&id0=1007&var_name0=query, client: 192.168.50.20, server: localhost, request: "GET /pictures/search.php?query=--%3E+%3Csome_dangerous_input_a1056fd2f0ffbb7f18fec9bd33257e12ab5e0494b33011967bcbcbc5699408eb%2F%3E+%3C%21-- HTTP/1.1", host: "victim" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # First rule - delete all | |
| -D | |
| # Increase the buffers to survive stress events. | |
| # Make this bigger for busy systems | |
| -b 1024 | |
| -a exit,always -S mkdir | |
| -w /etc/group -p wa |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ssh] | |
| enabled = true | |
| port = ssh | |
| filter = sshd | |
| logpath = /var/log/auth.log | |
| maxretry = 3 | |
| [ssh-ddos] | |
| enabled = true |
garethr
/ zapscanner.py
Last active
November 4, 2016 22:20
Example of using OWASP ZAP Python API to produce an ascii table of potential security alerts, sample output is part of a longer set from the wackopicko vulnerable web app
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://victim/pictures/search.php?query=%22%3E%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E | |
| +------+----------------------------------+ | |
| | Risk | Description | | |
| +------+----------------------------------+ | |
| | High | Cross Site Scripting (Reflected) | | |
| +------+----------------------------------+ | |
| http://victim/css/ | |
| +--------+--------------------+ | |
| | Risk | Description | |
garethr
/ Gemfile
Last active
June 25, 2020 14:15
Use bundler-audit as part of an rspec test to allow unit tests to be written to check for vulnerabilities of dependencies, based on data from https://github.com/rubysec/ruby-advisory-db
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # A Gemfile with a vulnerable version of rails in it | |
| source "https://rubygems.org" | |
| gem "rails", "3.2.13" | |
| gem "bundler-audit" | |
| gem "rspec" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'aws-sdk-core' | |
| require 'colorize' | |
| require 'retries' | |
| ec2 = Aws::EC2::Client.new(region: 'us-west-2') | |
| ## Security Groups | |
| puts '===> creating security groups'.green |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import com.wordnik.swagger.codegen.BasicRubyGenerator | |
| object RubyRubyCodegen extends BasicRubyGenerator { | |
| def main(args: Array[String]) = generateClient(args) | |
| override def destinationDir = "samples/client/osv/ruby" | |
| } |