I hereby claim:
- I am inkz on github.
- I am inkz (https://keybase.io/inkz) on keybase.
- I have a public key whose fingerprint is 8310 30E0 ACE9 0C42 882F 3070 8189 36A1 E08C 79E5
To claim this, I am signing this object:
Vasilii Ermilov inkz
inkz
/ keybase.md
Created
February 11, 2017 01:06
inkz
/ sgrep-test.yaml
Last active
April 7, 2020 20:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules: | |
| - id: strategies | |
| pattern-either: | |
| - pattern: var $F = require("passport-jwt").Strategy; | |
| - pattern: var $F = require("passport-facebook").Strategy; | |
| - pattern: var $F = require("passport-google-oauth2").Strategy; | |
| - pattern: var $F = require("passport-oauth2").Strategy; | |
| - pattern: var $F = require("passport-twitter").Strategy; | |
| - pattern: var $F = require("passport-google-oauth1").Strategy; | |
| - pattern: var $F = require("passport-oauth1").Strategy; |
inkz
/ insecure-transport-1-go.yaml
Created
September 24, 2020 05:27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules: | |
| - id: disallow-old-tls-versions | |
| patterns: | |
| - pattern-either: | |
| - pattern: | | |
| tls.Config{..., MinVersion: $TLS.$VERSION, ...} | |
| - pattern: | | |
| $CONFIG = &tls.Config{...} | |
| ... | |
| $CONFIG.MinVersion = $TLS.$VERSION |
inkz
/ find-deps.yaml
Last active
December 6, 2020 04:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules: | |
| - id: find-dependencies-js | |
| pattern-either: | |
| - pattern: import $X | |
| - patterns: | |
| - pattern: require($X) | |
| - pattern: require("...") | |
| message: $X | |
| languages: | |
| - javascript |
inkz
/ find-sink.yaml
Last active
December 7, 2020 06:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules: | |
| - id: find-sink-python | |
| pattern: | | |
| def $HANDLER(event, context): | |
| ... | |
| $SINK(...,<... event ...>,...) | |
| message: $SINK | |
| languages: | |
| - python | |
| severity: ERROR |
inkz
/ find-aws-service.yaml
Last active
December 5, 2020 06:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules: | |
| - id: find-aws-service-python | |
| pattern: | | |
| boto3.client($SERVICE) | |
| message: $SERVICE | |
| severity: ERROR | |
| languages: | |
| - python | |
| - id: find-aws-service-js1 | |
| pattern: | |
inkz
/ all-lambda-recon.yaml
Last active
December 5, 2020 04:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules: | |
| - id: find-aws-service-python | |
| pattern: | | |
| boto3.client($SERVICE) | |
| message: $SERVICE | |
| severity: ERROR | |
| languages: | |
| - python | |
| - id: find-aws-service-js1 | |
| pattern: | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # usage . aws-2fa.sh 1234 | |
| # unset previous session params | |
| unset AWS_ACCESS_KEY_ID | |
| unset AWS_SECRET_ACCESS_KEY | |
| unset AWS_SESSION_TOKEN | |
| # ARN value | |
| arn='arn-value-here' | |
| # get new session token from AWS |
inkz
/ pp-rules1.yaml
Created
August 30, 2021 06:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules: | |
| - id: prototype-pollution-assignment | |
| languages: | |
| - javascript | |
| - typescript | |
| message: | | |
| Possibility of prototype polluting assignment detected. | |
| By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. | |
| This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf). | |
| Possible mitigations might be: freezing the object prototype, using an object without prototypes (via Object.create(null) ), blocking modifications of attributes that resolve to object prototype, using Map instead of object. |
inkz
/ new-js-rules1.yaml
Created
August 31, 2021 11:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules: | |
| - id: insecure-object-assign | |
| mode: taint | |
| message: | | |
| Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability. | |
| metadata: | |
| cwe: "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')" | |
| owasp: 'A1: Injection' | |
| references: | |
| - https://nodesecroadmap.fyi/chapter-1/threat-EXF.html |
OlderNewer