REGO is a declarative language used for policy-as-code in the Open Policy Agent (OPA) framework. Here's a concise cheat sheet of popular built-in functions, syntax idioms, and variables in REGO:
1. Built-in functions:
- Comparison: `eq(x, y)`, `lt(x, y)`, `lte(x, y)`, `gt(x, y)`, `gte(x, y)`
- Arithmetic: `add(x, y)`, `sub(x, y)`, `mul(x, y)`, `div(x, y)`, `mod(x, y)`
- Logical: `and(x, y)`, `or(x, y)`, `not(x)`
- Type Checking: `is_number(x)`, `is_string(x)`, `is_boolean(x)`, `is_array(x)`, `is_set(x)`, `is_object(x)`, `is_null(x)`
- Casting: `to_number(x)`, `to_string(x)`, `to_boolean(x)`
- Arrays: `count(arr)`, `all(arr, func)`, `any(arr, func)`, `filter(arr, func)`, `map(arr, func)`, `reduce(arr, func, initial)`
package anon.app.core.security;
import anon.market.core.Log;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.generators.SCrypt;
import org.bouncycastle.crypto.modes.GCMBlockCipher;
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.jcajce.provider.digest.SHA3;
import javax.ws.rs.WebApplicationException;
package main
// Code modified from: https://github.com/abdullah2993/go-runpe/blob/master/runpe.go
import (
	"bytes"
	"debug/pe"
	"encoding/binary"
	"fmt"
	"syscall"
We need to be prepared with the tools needed for secure communications.
Downloading these libraries acts as a safeguard for privacy, as we will always be able to build and distribute encrypted applications.
And if you're really paranoid, you'll back up a favorite Linux distro, browser and compiler.
* Crypto++ - https://github.com/weidai11/cryptopp
* Botan - https://github.com/randombit/botan
* BouncyCastle Java - https://github.com/bcgit/bc-java
* BouncyCastle C# - https://github.com/bcgit/bc-csharp
* GnuTLS - https://gitlab.com/gnutls/gnutls
* NaCl - https://nacl.cr.yp.to/install.html
~~ The Weaponite Writings ~~
For all of human history, weapons equal power.
Power to the people, means weapons to the people.
We the Weaponites, will not be subjugated.
Principles:
1. Our purpose is to arm all peace-loving peoples for their own salvation. This is the way.
2. Safety and personal responsibility are the first priority of all Weaponites.
3. Weaponites are free to own and carry all weapons and weapon accessories. Firearms are our traditional choice of holey instrument.
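#include <stdio.h>
#include <string.h>  /* strcpy */
int main(int argc, char * argv[])
{
    char a[1024];
    /* No length check: an argv[1] longer than 1023 bytes overflows a. */
    strcpy(a, argv[1]);
    /* argv[1] is used as the format string, so any % directives in it are interpreted. */
    printf(a);
    printf("\n");
    return 0;
}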
admin
pass
key
secret
cert
cred
auth
crypt
hash
hmac
This document outlines several ways to harden your AWS environment using free tools and paid services.
1. Scout2 (free) - https://github.com/nccgroup/Scout2
* Scout2 is focused toward pentesters doing one-time audits of AWS environment configuration issues. It can output a report as HTML or JSON.
2. Prowler (free) - https://github.com/toniblyx/prowler
* Checks the items from the CIS Amazon Web Services Foundations Benchmark - https://www.cisecurity.org/benchmark/amazon_web_services/
3. CloudSploit (free/paid) - https://github.com/cloudsploit/scans
* CloudSploit is a paid service, but it has two free options. One allows you to use their website to run a manual scan; the other is to run it yourself, since they've open-sourced their engine and its rules.
4. AWS Trusted Advisor (freemium) - console.aws.amazon.com/trustedadvisor/
* AWS Trusted Advisor comes free with your AWS account and provides not only security checks, but also cost optimization, performance, and fault tolerance checks.
#!/bin/bash
# Write a 10 GiB file of zeros: 10240 blocks of 1 MiB each.
dd if=/dev/zero of=filename bs=$((1024*1024)) count=$((10*1024))
import sys
from scapy.all import *
print("Field Values of packet sent")
p=IP(dst=sys.argv[1],id=1111,ttl=99)/TCP(sport=RandShort(),dport=[22,80],seq=12345,ack=1000,window=1000,flags="S")/"flooder"
ls(p)
print("Sending Packets in 0.3 second intervals for timeout of 4 sec")
ans,unans=srloop(p,inter=0.3,retry=2,timeout=4)
print("Summary of answered & unanswered packets")
ans.summary()