Skip to content

Instantly share code, notes, and snippets.

View nbeguier's full-sized avatar

Nicolas Béguier nbeguier

36 followers · 5 following
View GitHub Profile
@nbeguier
nbeguier / mobsfscan.config
Created December 2, 2022 17:09
mobsfscan configuration file
---
- ignore-paths:
- test
ignore-rules:
- android_kotlin_md5
- android_kotlin_insecure_random
- android_kotlin_hardcoded
- android_kotlin_hiddenui
- android_hidden_ui
@nbeguier
nbeguier / nginx.conf
Last active November 6, 2024 09:51
Nginx: TLS Security Configuration 2023
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name __REDACTED__;
ssl_certificate __REDACTED__ ;
ssl_certificate_key __REDACTED__;
# Only return Nginx in server header
server_tokens off;
@nbeguier
nbeguier / shhgit_output.log
Created October 28, 2021 19:36
shhgit output
$ shhgit -local . -config-path ~/some_directory/shhgit/
_ _ _ _
| | | | (_) |
___| |__ | |__ __ _ _| |_
/ __| '_ \| '_ \ / _` | | __|
\__ \ | | | | | | (_| | | |_
|___/_| |_|_| |_|\__, |_|\__|
__/ |
v0.4 |___/
@nbeguier
nbeguier / volatility_gimp_helper.sh
Created March 8, 2021 13:06
volatility_gimp_helper.sh
# Observe process memory dump
function volatility_screenshot {
OS=$1
PID=$2
if ! [ -f "/tmp/${PID}.memdump/${PID}.data" ]; then
mkdir -p "/tmp/${PID}.memdump/"
if [ "$OS" == "windows" ]; then
volatility -f dump.raw --profile=Win7SP1x86_23418 memdump -p "${PID}" --dump-dir "/tmp/${PID}.memdump/"
mv "/tmp/${PID}.memdump/${PID}.dmp" "/tmp/${PID}.memdump/${PID}.data"
elif [ "$OS" == "mac" ]; then
@nbeguier
nbeguier / aws_tower_allow_all_from_public.json
Created November 30, 2020 14:57
AWS Tower - Rule to detect all port
{
"message": {
"text": "[{name}] Allow connection to all port from public network ({source}=>{ports})",
"args": {
"name": {
"type": "variable",
"variable": "sg_name"
},
"source": {
"type": "variable",
@nbeguier
nbeguier / aws_tower_deprecated_mysql.json
Created November 30, 2020 14:47
AWS Tower - Rule to detect deprecated version of Mysql
{
"message": {
"text": "Deprecated mysql engine version ({current_version})",
"args": {
"current_version": {
"type": "dict",
"key": "Engine",
"variable": "metadata"
}
}
@nbeguier
nbeguier / aws_tower_cli.scan.2.sh
Created November 27, 2020 16:09
AWS Tower - scan brief medium
$ ./aws_tower_cli.py scan my-aws-account-profile --min-severity medium --brief
{
"vpc-1234567980": {
"main-vpc-private-lb": [
{
"ELBV2: internal-patrowl-manager-lb-20201127.eu-west-1.elb.amazonaws.com": [
"medium: DnsRecord: patrowl.my-private-domain.com."
]
}
],
@nbeguier
nbeguier / aws_tower_cli.scan.sh
Last active November 27, 2020 16:09
AWS Tower - scan
$ ./aws_tower_cli.py scan my-aws-account-profile
{
"vpc-1234567980": {
"main-vpc-intra": {},
"main-vpc-private": {
"EC2": [
{
"Name": "patrowl-manager",
"PrivateIpAddress": "10.10.1.49",
"PubliclyAccessible": false,
@nbeguier
nbeguier / aws_tower_cli.discover.2.sh
Created November 27, 2020 15:38
AWS Tower - discover public verbose
$ ./aws_tower_cli.py discover my-aws-account-profile --public-only --verbose
{
"vpc-1234567980": {
"main-vpc-intra": {},
"main-vpc-private": {},
"main-vpc-private-lb": {},
"main-vpc-public": {
"EC2": [
{
"Name": "custom-nginx",
@nbeguier
nbeguier / aws_tower_cli.discover.sh
Created November 27, 2020 15:32
AWS Tower - discover
$ ./aws_tower_cli.py discover my-aws-account-profile
{
"vpc-1234567980": {
"main-vpc-intra": {},
"main-vpc-private": {
"EC2": [
{
"Name": "patrowl-manager",
"PrivateIpAddress": "10.10.1.49",
"PubliclyAccessible": false