Skip to content

Instantly share code, notes, and snippets.

View houey's full-sized avatar
🏠
Working from home

Houston houey

🏠
Working from home
52 followers · 214 following
View GitHub Profile
@chanj
chanj / AWS Security Resources
Last active June 21, 2021 09:49
AWS Security Resources
INTRO
I get asked regularly for good resources on AWS security. This gist collects some of these resources (docs, blogs, talks, open source tools, etc.). Feel free to suggest and contribute.
Short Link: http://tiny.cc/awssecurity
Official AWS Security Resources
* Security Blog - http://blogs.aws.amazon.com/security/
* Security Advisories - http://aws.amazon.com/security/security-bulletins/
* Security Whitepaper (AWS Security Processes/Practices) - http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
* Security Best Practices Whitepaper - http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf
@BuffaloWill
BuffaloWill / cloud_metadata.txt
Last active May 6, 2025 04:20
Cloud Metadata Dictionary useful for SSRF Testing
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
@dnmellen
dnmellen / worker_function.py
Created January 31, 2017 15:07
AWS Lambda function that performs an ssh command through a bastion server to another server. The function will be triggered by a Cloudwatch Alarm
import json
import boto3
import paramiko
def worker_handler(event, context):
ALLOWED_HOSTS = [
'host1',
'host2,
@jgamblin
jgamblin / certstream-slack.py
Created February 26, 2018 16:32
A script to search CTLogs for keywords and post new certs to a slack channel.
# coding=utf-8
import certstream
import json
import requests
# Get the webhook_url here:
# https://my.slack.com/services/new/incoming-webhook/
@markofu
markofu / Security_Tools_for_AWS.MD
Last active October 2, 2023 15:30
Security Tools for AWS

Security Tools for AWS

I often get asked which tools are good to use for securing your AWS infrastructure so I figured I'd write a short listof some useful Security Tools for the AWS Cloud Infrastructure.

This list is not intended be something completely exhaustive, more so provide a good launching pad for someone as they dig into AWS and want to make it secure from the start.

Open Source

This section focuses on tools and services provided by the community and released as open-source.

@fransr
fransr / bucket-disclose.sh
Last active February 16, 2025 14:38
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
#!/bin/bash
# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
@0xdabbad00
0xdabbad00 / aws actions
Created August 3, 2018 17:10
AWS API calls as extracted from boto using the technique on https://github.com/duo-labs/cloudtracker#aws_actionstxt
a4b:AssociateContactWithAddressBook
a4b:AssociateDeviceWithRoom
a4b:AssociateSkillGroupWithRoom
a4b:CreateAddressBook
a4b:CreateContact
a4b:CreateProfile
a4b:CreateRoom
a4b:CreateSkillGroup
a4b:CreateUser
a4b:DeleteAddressBook
@0xdabbad00
0xdabbad00 / extract.py
Last active March 22, 2021 23:37
Parse IAM info from https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html
#!/usr/bin/env python
from os import listdir
from os.path import isfile, join
import re
import json
from bs4 import BeautifulSoup
"""
@igama
igama / binaryedge-daily-check.py
Created February 28, 2019 20:38
Get a daily update of the IPS, Networks, ASNs you are interested in using BinaryEdge data.
#!/usr/bin/env python3
#
# Example Script
# Get a daily update of what you are interested in.
# What was detected in the last 24hours
#
# For detail on the fields for each message type please check https://docs.binaryedge.io/modules/
from pybinaryedge import BinaryEdge
import math
@paralax
paralax / vulmap_osx.py
Last active May 29, 2019 10:14
check for software vulnerabilities on OSX
import glob
import plistlib
import sys
import xml
import requests
class VulnScanner(object):
def __init__(self):
self.url = 'https://vulmon.com/scannerapi?product={0}&version={1}&dev=1'