SMUsamaShah

Browser Based

1. Web Wormhole https://webwormhole.io/ https://github.com/saljam/webwormhole
2. ToffeeShare https://toffeeshare.com/
3. FilePizza https://file.pizza/
4. ShareDrop sharedrop.io https://github.com/szimek/sharedrop (SOLD, not recommended, use one of the forks)
   1. A clone SnapDrop snapdrop.net https://github.com/RobinLinus/snapdrop (SOLD, not recommended, use one of the forks)
      1. A fork PairDrop https://pairdrop.net/ https://github.com/schlagmichdoch/pairdrop
5. Instant.io https://instant.io/
6. FileTC https://file.tc/

StevenACoffman

Fluent-bit rocks

A short survey of log collection options and why you picked the wrong one. 😜

Who am I? Where am I from?

I'm Steve Coffman and I work at Ithaka. We do JStor (academic journals) and other stuff. How big is it?

Number	what it means
101,332,633	unique visitors in 2017

Neo23x0

# IMPORTANT!
# This gist has been transformed into a github repo 
# You can find the most recent version there:
# https://github.com/Neo23x0/auditd

#      ___             ___ __      __
#     /   | __  ______/ (_) /_____/ /
#    / /| |/ / / / __  / / __/ __  / 
#   / ___ / /_/ / /_/ / / /_/ /_/ /  
#  /_/  |_\__,_/\__,_/_/\__/\__,_/   

mrw34

#!/bin/bash

set -euo pipefail

openssl req -new -text -passout pass:abcd -subj /CN=localhost -out server.req -keyout privkey.pem
openssl rsa -in privkey.pem -passin pass:abcd -out server.key
openssl req -x509 -in server.req -text -key server.key -out server.crt
chmod 600 server.key
test $(uname -s) = Linux && chown 70 server.key
docker run -d --name postgres -e POSTGRES_HOST_AUTH_METHOD=trust -v "$(pwd)/server.crt:/var/lib/postgresql/server.crt:ro" -v "$(pwd)/server.key:/var/lib/postgresql/server.key:ro" postgres:12-alpine -c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key

EdOverflow

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output

StevenACoffman

MicroService Proxy Gateway Solutions

Kong, Traefik, Caddy, Linkerd, Fabio, Vulcand, and Netflix Zuul seem to be the most common in microservice proxy/gateway solutions. Kubernetes Ingress is often a simple Ngnix, which is difficult to separate the popularity from other things.

Github Star Trend:

This is just a picture of this link from March 2, 2019

Originally, I had included some other solution

rain-1

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

• Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
• Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
• Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
• Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
• Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

paragonie-scott

Changes to JOSE that will prevent insecurity

Deletions

JWS and JWE

Drop the alg header

Neither JOSE users nor JOSE library designers should be required to understand cryptography primitives. At a lower level, this can lead to badly implemented primitives. On a higher level, this can lead to reasoning by lego.

simonw

How to recover lost Python source code if it's still resident in-memory

I screwed up using git ("git checkout --" on the wrong file) and managed to delete the code I had just written... but it was still running in a process in a docker container. Here's how I got it back, using https://pypi.python.org/pypi/pyrasite/ and https://pypi.python.org/pypi/uncompyle6

Attach a shell to the docker container

Install GDB (needed by pyrasite)

apt-get update && apt-get install gdb

mattifestation

# Get-SystemDriver requires the ConfigCI module on Win10 Enterprise
# This will collect all signer information for all PEs in C:\
# This will take a while!!!
$Signers = Get-SystemDriver -ScanPath C:\ -UserPEs

# Associate the subject name of each certificate to the file/signer info
# so we can correlate the two.
$CertSubjectMapping = $Signers | % {
    $Signer = $_