dclark

#!/usr/bin/env bash

# Retrieve AWS credentials from AWS CloudShell

# shellcheck disable=SC2001
HOST=$(echo "$AWS_CONTAINER_CREDENTIALS_FULL_URI" | sed 's|/latest.*||')
TOKEN=$(curl -s -X PUT "$HOST"/latest/api/token -H "X-aws-ec2-metadata-token-ttl-seconds: 60")
OUTPUT=$(curl -s "$HOST/latest/meta-data/container/security-credentials" -H "X-aws-ec2-metadata-token: $TOKEN")
echo "export AWS_ACCESS_KEY_ID=$(echo "$OUTPUT" | jq -r '.AccessKeyId')"
echo "export AWS_SECRET_ACCESS_KEY=$(echo "$OUTPUT" | jq -r '.SecretAccessKey')"

chancez

module "combined_acm_certificate" {
  source = "../../modules/acm_certificate_dns_validated_multi_zone"

  domain_name = "infra.example.com"
  zone_to_san = {
    "infra.example.com" = [
      "*.infra.example.com",
      "*.dev.infra.example.com",
      "*.staging.infra.example.com",
      "*.production.infra.example.com",

ogazitt

package auth

import (
	"encoding/json"
	"fmt"
	"io"
	"io/ioutil"
	"net"
	"net/http"
	"net/url"

mikeabreu

#!/bin/bash
# Add these functions to your .bashrc or .zshrc and use from your terminal.

get_certs_domains() {
  	# Credit goes to Ronnie Flathers, taken from https://twitter.com/ropnop/status/972151279463124994
	curl -s https://crt.sh\?q\=%25.$1 | awk -v pattern="<TD>.*$1" '$0 ~ pattern {gsub("<[^>]*>","");gsub(//,""); print}' | sort -u
}
get_certs() {
	curl -s https://crt.sh\?q\=%25.$1 | awk '/\?id=[0-9]*/{nr[NR]; nr[NR+1]; nr[NR+3]; nr[NR+4]}; NR in nr' | sed 's/<TD style="text-align:center"><A href="?id=//g' | sed 's#">[0-9]*</A></TD>##g' | sed 's#<TD style="text-align:center">##g' | sed 's#</TD>##g' | sed 's#<TD>##g' | sed 's#<A style=["a-z: ?=0-9-]*>##g' | sed 's#</A>##g' | sed 'N;N;N;s/\n/\t\t/g'
}

curi0usJack

# twitterfavlinks.py - Throw back all your favorites that contain a url. Get any applicable redirects. Note there are Twitter API
# limits, so if you have a gazillion favorites, you probably won't get them all. YMMV
# 
# Author: @curi0usJack
#
# Dependencies:
#   Tweepy: sudo pip install tweepy
#   Twitter API access. Set up here: https://apps.twitter.com/

import tweepy

atifaziz

Add-Type -AssemblyName System.Security;
[Text.Encoding]::ASCII.GetString([Security.Cryptography.ProtectedData]::Unprotect([Convert]::FromBase64String((type -raw (Join-Path $env:USERPROFILE foobar))), $null, 'CurrentUser'))

Erreinion

Setting up xrdp on Kali Linux 2016.2 on AWS

AWS has an AMI for Kali 2016.2, but being remote, you need VNC or RDP to access the graphical tools.

VNC is easy to set up but very restrictive. RDP is harder to set up, but easier to use. These are the instructions I use to set up xrdp.

I use this config so that I connect to the Kali VM through an Apache Guacamole RDP proxy. This keeps Kali behind the firewall and in my pentesting lab. Guacamole also allows me to access the Kali box on SSH or RDP via a web interface from anywhere and any device. 

OS: Kali Linux 2016.2
AMI: Updated 19 Oct 2016

cure53

The Scriptless Scriptlet

Or how to execute JavaScript from CSS in MSIE11 without using Scripts

Stop! This text is only interesting for you if you...

• Like popping alerts in weird situations
• Miss CSS expressions as much as we do
• Have an unhealthy obsession for markup porn

Introduction

eliquious

Building

go build -o goencrypt main.go

Generating Keys

cauerego

// quite untested, adapted from BigstickCarpet's gist, attempt to make it simpler to use

function openIndexedDB (fileindex) {
  // This works on all devices/browsers, and uses IndexedDBShim as a final fallback 
  var indexedDB = window.indexedDB || window.mozIndexedDB || window.webkitIndexedDB || window.msIndexedDB || window.shimIndexedDB;

  var openDB = indexedDB.open("MyDatabase", 1);

  openDB.onupgradeneeded = function() {
    var db = {}