jfrantz1-r7’s gists

jfrantz1-r7 / vulnerability_aging.sql

Created April 25, 2019 13:52

	SELECT to_char(fav.date, 'Mon-YY') AS date, COUNT(*) AS count,
	CASE
	WHEN age(dv.date_published) < '30 days' THEN '<30 days'
	WHEN age(dv.date_published) <= '60 days' THEN '30-60 days'
	ELSE '60+ days'
	END AS vuln_age
	-- The fav table has the asset test date...
	FROM fact_asset_vulnerability_instance AS fav
	-- and the dv table has the vulnerability release date
	INNER JOIN dim_vulnerability AS dv

jfrantz1-r7 / gist:e13b15c5b583c03e6da55ef60c790386

Created April 29, 2019 14:12

	<User id="nxadmin" name="nxadmin" email="" salt="53cc6cc9a389d832" passwordHash="3983B1F7D66AC4C9B17F871DB2FE174C10F285C9" enabled="1">
	<Roles>
	<role name="nexposeadmin"/>
	</Roles>
	</User>

jfrantz1-r7 / gist:9c6519e1e83dd717b86a51dd6803fe79

Created April 29, 2019 14:25

	<User id="nxadmin" name="nxadmin" email="" salt="53cc6cc9a389d832" passwordHash="3983B1F7D66AC4C9B17F871DB2FE174C10F285C9" enabled="1">
	<Roles>
	<role name="nexposeadmin"/>
	</Roles>
	</User>

jfrantz1-r7 / gist:5b35af48e5da2011f8e5d730e04157f6

Created April 29, 2019 15:12

This file has been truncated, but you can view the full file.

	chmod 0755 /opt/rapid7 -c >> output_text.txt
	chmod 0755 /opt/rapid7/nexpose -c >> output_text.txt
	chmod 0644 /opt/rapid7/nexpose/icon.ico -c >> output_text.txt
	chmod 0644 /opt/rapid7/nexpose/thirdpartynotices.txt -c >> output_text.txt
	chmod 0644 /opt/rapid7/nexpose/jre.version -c >> output_text.txt
	chmod 0755 /opt/rapid7/nexpose/updates -c >> output_text.txt
	chmod 0644 /opt/rapid7/nexpose/updates/updatetable -c >> output_text.txt
	chmod 0755 /opt/rapid7/nexpose/plugins -c >> output_text.txt
	chmod 0755 /opt/rapid7/nexpose/plugins/pck -c >> output_text.txt
	chmod 0755 /opt/rapid7/nexpose/plugins/pck/builtin -c >> output_text.txt

jfrantz1-r7 / gist:4ba803895fa77c6382f7793a15e53b5e

Created April 29, 2019 19:50

jfrantz1-r7 / gist:81e3fbf8c84e51624756448730ced1de

Created April 29, 2019 20:19

	cloudtrail.us-east-2.amazonaws.com
	cloudtrail.us-east-1.amazonaws.com
	cloudtrail.us-west-1.amazonaws.com
	cloudtrail.us-west-2.amazonaws.com
	cloudtrail.ap-east-1.amazonaws.com
	sts.us-east-2.amazonaws.com
	sts.us-east-1.amazonaws.com
	sts.us-west-1.amazonaws.com
	sts.us-west-2.amazonaws.com
	ec2.us-east-2.amazonaws.com

jfrantz1-r7 / gist:07109dd7e79c15738a295d18cdbd572d

Created April 30, 2019 18:07

	chown -R nxpgsql:nxpgsql /opt/rapid7/nexpose/nsc/nxpgsql/nxpdata/ -c >> output_changes.txt
	chown nxpgsql:root /opt/rapid7/nexpose/nsc/nxpgsql/nxpdata -c >> output_changes.txt
	chown nxpgsql:root /opt/rapid7/nexpose/nsc/nxpgsql/nxpdata/nxpgsql.log -c >> output_changes.txt
	chown -R nxpgsql:root /opt/rapid7/nexpose/nsc/nxpgsql/pgsql/ -c >> output_changes.txt
	chown nxpgsql:nxpgsql /opt/rapid7/nexpose/nsc/nxpgsql/.gnupg/private-keys-v1.d -c >> output_changes.txt
	chown nxpgsql:nxpgsql /opt/rapid7/nexpose/nsc/nxpgsql/.gnupg -c >> output_changes.txt
	chown nxpgsql:root /opt/rapid7/nexpose/nsc/nxpgsql -c >> output_changes.txt

jfrantz1-r7 / gist:c6840425fa1d18f092983c68c842bed0

Created May 1, 2019 18:24

	+ Criteria: OR \|SERVICE\| CONTAINS \|Shell Backdoor\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Spyware\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Backdoor\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Trojan\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Virus\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Worm\|

jfrantz1-r7 / gist:0b11d2a001cd84c74a8d7a6ed122200e

Created May 1, 2019 20:03

jfrantz1-r7 / gist:b550148cb056007428ce45af0d625ddc

Created May 1, 2019 20:38

	{
	"Version": "2012-10-17",
	"Statement": {
	"Effect": "Allow",
	"Action": "sts:AssumeRole",
	"Resource": "arn:aws:iam::ACCOUNT-ID:role/TEST*"
	}
	}

	+ Criteria: OR \|SERVICE\| CONTAINS \|Shell Backdoor\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Spyware\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Backdoor\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Trojan\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Virus\|
	+ Criteria: OR \|VULN_CATEGORY\| IS \|Worm\|

Josh Frantz jfrantz1-r7