Skip to content

Instantly share code, notes, and snippets.

View z0ph's full-sized avatar
🚀
Love People and use things, because the opposite never works

Victor GRENU z0ph

🚀
Love People and use things, because the opposite never works
187 followers · 221 following
View GitHub Profile
@jgamblin
jgamblin / readme.md
Last active October 5, 2022 10:55
Bot that posts SSH logins to slack.

SSH Slackbot

This is a simple slackbot to post successful SSH logins to a slack channel to help you keep track of server access.

Step 1

Create an incoming webhook for your slack community.

Step 2

Create /etc/ssh/sshslack.sh

@shortjared
shortjared / list.txt
Last active June 11, 2025 02:11
List of AWS Service Principals
a4b.amazonaws.com
access-analyzer.amazonaws.com
account.amazonaws.com
acm-pca.amazonaws.com
acm.amazonaws.com
airflow-env.amazonaws.com
airflow.amazonaws.com
alexa-appkit.amazon.com
alexa-connectedhome.amazon.com
amazonmq.amazonaws.com
@TomRyan-321
TomRyan-321 / security-group-cleanup.py
Last active October 29, 2024 02:54 — forked from lingmann/security-group-cleanup.py
Security Group Cleanup using boto3 with RDS check fixed
#!/usr/bin/env python
import boto3
import argparse
def lookup_by_id(sgid):
sg = ec2.get_all_security_groups(group_ids=sgid)
return sg[0].name
@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active May 14, 2025 19:15 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@hsuh
hsuh / AWS access key grep
Created January 20, 2017 12:26
url - https://aws.amazon.com/blogs/security/a-safer-way-to-distribute-aws-credentials-to-ec2/
Finding hard-coded credentials in your code
Hopefully you’re excited about deploying credentials to EC2 that are automatically rotated. Now that you’re using Roles, a good security practice would be to go through your code and remove any references to AKID/Secret. We suggest running the following regular expressions against your code base:
Search for access key IDs: (?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9]). In English, this regular expression says: Find me 20-character, uppercase, alphanumeric strings that don’t have any uppercase, alphanumeric characters immediately before or after.
Search for secret access keys: (?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=]). In English, this regular expression says: Find me 40-character, base-64 strings that don’t have any base 64 characters immediately before or after.
If grep is your preferred tool, run a recursive, Perl-compatible search using the following commands
@nrollr
nrollr / Node_AWS_Linux.md
Last active May 7, 2023 14:18
Install Node.js on Amazon Linux (EC2)

Installing Node.js on Amazon Linux AMI

The following will guide you through the process of installing Node.js on an AWS EC2 instance running Amazon Linux AMI 2016.09 - Release Notes

For this process I'll be using a t2.micro EC2 instance running Amazon Linux AMI (ami-d41d58a7). Once the EC2 instance is up-and-running, connect to your server via ssh

@leonardofed
leonardofed / README.md
Last active June 5, 2025 20:43
A curated list of AWS resources to prepare for the AWS Certifications


A curated list of AWS resources to prepare for the AWS Certifications

A curated list of awesome AWS resources you need to prepare for the all 5 AWS Certifications. This gist will include: open source repos, blogs & blogposts, ebooks, PDF, whitepapers, video courses, free lecture, slides, sample test and many other resources.

@bastman
bastman / docker-cleanup-resources.md
Created March 31, 2016 05:55
docker cleanup guide: containers, images, volumes, networks

Docker - How to cleanup (unused) resources

Once in a while, you may need to cleanup resources (containers, volumes, images, networks) ...

delete volumes

// see: https://github.com/chadoe/docker-cleanup-volumes

$ docker volume rm $(docker volume ls -qf dangling=true)

$ docker volume ls -qf dangling=true | xargs -r docker volume rm

@t-chab
t-chab / private.xml
Last active January 31, 2017 10:56
Karabiner french mapping for use with Remote Desktop
<?xml version="1.0"?>
<root>
<appdef>
<appname>Microsoft Remote Desktop</appname>
<equal>com.microsoft.rdc.mac</equal>
</appdef>
<item>
<name>French Mac keyboard A1314 using the Microsoft Remote Desktop App</name>
<appendix>Assure all keys written on the keyboard to be the same on the remote server.</appendix>
<appendix>Done for Version 8.0.12 (Build 25282)</appendix>
@alirobe
alirobe / reclaimWindows10.ps1
Last active June 10, 2025 00:59
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
###
###
### UPDATE: For Win 11, I recommend using this tool in place of this script:
### https://christitus.com/windows-tool/
### https://github.com/ChrisTitusTech/winutil
### https://www.youtube.com/watch?v=6UQZ5oQg8XA
### iwr -useb https://christitus.com/win | iex
###
### OR take a look at
### https://github.com/HotCakeX/Harden-Windows-Security