Skip to content

Instantly share code, notes, and snippets.

View judavi's full-sized avatar

Juan judavi

8 followers · 9 following
  • Palet Town
View GitHub Profile
@judavi
judavi / Readme.md
Last active June 4, 2020 09:59
Certificates stuff

Get the SSL certificate of a website using openssl command:

$ echo | openssl s_client -servername NAME -connect HOST:PORT |\
  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > certificate.crt

CA Bundle Path

@judavi
judavi / Readme.md
Last active January 23, 2020 15:11
Kritis Katakoda quick setup
@judavi
judavi / Readme.md
Last active January 13, 2020 11:14
in-toto First Review

in-toto

Formal definition

This document describes in-toto, a system for securing the way in which software is developed, built, tested, and packaged (i.e., the software supply chain). in-toto attests to the integrity and verifiability of all the actions performed while writing code, compiling, testing, and deploying software. It does so by making it transparent to the user what steps were performed, by whom and in what order. As a result, given guidance by the group creating the software, in-toto allows the user to verify if a step in the supply chain was intended to be performed, if the step was performed by the right actor, and attests that materials (e.g., source code) were not tampered with between steps.

101 Version

In-toto defines a layout for the end to end process. This layout includes a series of steps and actors that will be performed during the process. Each step have some outputs that are signed with the public key of the actor performing the step. At the end of the process in-toto verify

@judavi
judavi / script.sh
Created November 27, 2019 11:31
Debug errors starting Docker Daemon
/usr/bin/dockerd -H unix://
#Sometimes in RHEL7 is neccesary to create the Docker group
sudo groupadd docker
sudo usermod -aG docker $USER
newgrp docker
@judavi
judavi / drop.sql
Created November 21, 2019 16:42
Drop all tables/info from Grafeas Oracle
drop table projects cascade CONSTRAINTS;
drop sequence projects_seq;
drop trigger projects_seq_tr;
drop table notes cascade CONSTRAINTS;
drop trigger notes_seq_tr;
drop table occurrences cascade CONSTRAINTS;
drop trigger occurrences_seq_tr;
drop trigger projects_seq_tr;
drop sequence projects_seq;
drop sequence notes_seq;
@judavi
judavi / note.json
Created November 14, 2019 12:00
Grafeas Testing Json
{
"name": "projects/ccc/notes/CVE-2015-2730",
"shortDescription": "CVE-2015-2730",
"longDescription": "NIST vectors: AV:N/AC:M/Au:N/C:N/I:P/A:N",
"kind": "VULNERABILITY",
"relatedUrl": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2015-2730",
"label": "More Info"
},
@judavi
judavi / generate_docker_cert.sh
Created November 4, 2019 15:13 — forked from bradrydzewski/generate_docker_cert.sh
Generate trusted CA certificates for running Docker with HTTPS
#!/bin/bash
#
# Generates client and server certificates used to enable HTTPS
# remote authentication to a Docker daemon.
#
# See http://docs.docker.com/articles/https/
#
# To start the Docker Daemon:
#
# sudo docker -d \
@judavi
judavi / TODO.md
Last active October 31, 2019 08:02
Grafeas TODO
@judavi
judavi / build-and-run.log
Created October 9, 2019 10:03
Grafeas-build
[judavi@grafeas grafeas]$ git status
# On branch master
# Untracked files:
# (use "git add <file>..." to include in what will be committed)
#
# go/v1beta1/main/config.yaml
nothing added to commit but untracked files present (use "git add" to track)
[judavi@grafeas grafeas]$ make
# protoc and tools need to be run before all of the other generations.
go generate ./protoc
@judavi
judavi / Readme.md
Last active August 22, 2019 12:50
Download CVE notes from Grafeas API in Google Container registry

This is an script to download CVE notes from Grafeas. Could be really handy if you need to populate your Grafeas instance with some initial information