$awsec2instances = aws ec2 describe-instances
mbrownnycnyc
mbrownnycnyc
/ get-xfcvssdata.ps1
Last active
September 16, 2022 19:46
gather interesting cvss data from x-force
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $cvelist = "CVE-2022-32868","CVE-2022-32886","CVE-2022-32912","CVE-2022-32891","CVE-2022-32854","CVE-2022-32911","CVE-2022-32864","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32795","CVE-2022-32868","CVE-2022-32872","CVE-2022-32886","CVE-2022-32902","CVE-2022-32896","CVE-2022-32911","CVE-2022-32864","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32900","CVE-2022-32902","CVE-2022-32854","CVE-2022-32896","CVE-2022-32911","CVE-2022-32864","CVE-2022-32894","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32900","CVE-2022-32854","CVE-2022-32911","CVE-2022-32864","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32795","CVE-2022-32868","CVE-2022-32872","CVE-2022-32886","CVE-2022-32912","CVE-2022-32893" | |
| $baseurl = "https://api.xforce.ibmcloud.com/" | |
| $apikey = "xxxx" | |
| $apipass = "yyyy" | |
| $encodeme = $apikey+":"+$apipass | |
| $access_token = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($encodeme)) | |
| $headers = @{"Authorization"= "Basic $access_token"; |
mbrownnycnyc
/ gitlab-search.py
Last active
September 26, 2022 17:23
gitlab code searcher based on https://github.com/tuimm/gitlab-search, but added enum for all branches and regex string matches. need to add multithreading and dumping data to disk upon receipt.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import gitlab | |
| import re | |
| def search(gitlab_server, token, file_filter, regextofind, group=None, project_filter=None): | |
| return_value = [] | |
| gl = gitlab.Gitlab(gitlab_server, private_token=token) | |
| if (project_filter == '') and (group == ''): | |
| projects = gl.projects.list(all=True) | |
| else: | |
| group_object = gl.groups.get(group) |
mbrownnycnyc
/ parse_awscli_json_output.ps1
Last active
September 14, 2022 17:41
deal with json for filtering in powershell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # parse elbv2 | |
| $targetjson = get-content "elbv2-listener-allowing-cleartext.json" | ConvertFrom-Json | |
| $interestingdata = @() | |
| foreach ($item in $targetjson) { | |
| $tempobj = "" | select dnsname, arn, vpcid, tags, listener_80_defaultaction_type, sg_tags, sg_used_by | |
| $tempobj.dnsname = $item.DNSName | |
| $tempobj.arn = $item.arn | |
| $tempobj.vpcid = $item.VpcId |
mbrownnycnyc
/ worksheet.ps1
Last active
June 23, 2022 19:52
script used to assist in building a risk scoring spreadsheet for AD prived groups and users (adjust baseline risk of each group)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/appendix-b--privileged-accounts-and-groups-in-active-directory | |
| $userrights_readable = "Access Credential Manager as a trusted caller","Access this computer from the network","Act as part of the operating system","Add workstations to domain","Adjust memory quotas for a process","Allow log on locally","Allow log on through Remote Desktop Services","Back up files and directories","Bypass traverse checking","Change the system time","Change the time zone","Create a pagefile","Create a token object","Create global objects","Create permanent shared objects","Create symbolic links","Debug programs","Deny access to this computer from the network","Deny log on as a batch job","Deny log on as a service","Deny log on locally","Deny log on through Terminal Services","Enable computer and user accounts to be trusted for delegation","Force shutdown from a remote system","Generate security audits","Impersonate a client after authenti |
mbrownnycnyc
/ aws_cli_ref.md
Last active
September 27, 2022 19:06
aws cli reference and whoops... i'm learning `jq`.. but not really because it doesn't work well with powershell :D
- install and start openssh server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Start-Service sshd
Set-Service -Name sshd -StartupType 'Manual'
netstat -ano | findstr :22
ssh [win local account]@localhost
mbrownnycnyc
/ Reset-ScanEngineVersion.ps1
Last active
January 3, 2022 13:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://objects.githubusercontent.com/github-production-release-asset-2e65be/285628618/02f45cd5-5f38-4216-a19d-97361eb7de83?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20220103%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220103T133559Z&X-Amz-Expires=300&X-Amz-Signature=81e05a3741e0f506a16470ccbcb3edab04eafbfccdf9ee608d3187bf78c087c2&X-Amz-SignedHeaders=host&actor_id=991809&key_id=0&repo_id=285628618&response-content-disposition=attachment%3B%20filename%3DReset-ScanEngineVersion.ps1&response-content-type=application%2Foctet-stream | |
| <# | |
| MIT License | |
| Copyright (c) Microsoft Corporation. | |
| Permission is hereby granted, free of charge, to any person obtaining a copy | |
| of this software and associated documentation files (the "Software"), to deal | |
| in the Software without restriction, including without limitation the rights | |
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
mbrownnycnyc
/ install_nuclei_on_kali.md
Last active
September 11, 2024 06:05
nuclei install on kali (for log4j stuff).. this is in draft as of 12/17/2021
-
stand up a domain. In this case, I'll use digiarch.net since I own this and use it for nothing.
-
stand up an ami linux server. Configure the SG to allow the following inbound (letsencrypt also uses the DNS):
- tcp 25: SMTP
- udp 53: DNS
- tcp 80: HTTP
- tcp 443: HTTPS
mbrownnycnyc
/ terraform_splk_kinesis.md
Last active
December 22, 2021 14:29
terraform_splk_kinesis.md
- download terraform
mkdir c:\terraform
[environment]::setenvironmentvariable("Path", $env:Path + ";C:\terraform", "Machine")
cd c:\terraform
invoke-webrequest -usebasicparsing https://releases.hashicorp.com/terraform/1.0.11/terraform_1.0.11_windows_amd64.zip -out terraform_1.0.11_windows_amd64.zip
Expand-Archive .\terraform_1.0.11_windows_amd64.zip -DestinationPath .
mbrownnycnyc
/ aws_log_nix.md
Created
November 14, 2021 04:34
terraform tf
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}