Kinnaird McQuade kmcquade

This is an interesting exercise in how ZAP handles Swagger files on import. My primary concern is that ZAP does not support importing injectable URL parameters from a Swagger file, and interprets a path like {id} as a literal id string.

You can see the difference between the endpoints that NightVision discovers (on the left) and the spidered URLs from ZAP (on the right): https://www.diffchecker.com/JKaeR6rg/ (expires in 30 days).

If you clone this gist, you can run python3 print_endpoints.py to print the endpoints that are in swagger-paths.csv (the ones discovered by NightVision).

And you can see the endpoints that are discovered by the ZAP Spider in spidered-paths.csv.

Observation

@kmcquade
kmcquade / config.json
Last active February 27, 2024 17:03
cloudwatch logs agent config
{
  "agent": {
    "metrics_collection_interval": 60
  },
  "logs": {
    "logs_collected": {
      "files": {
        "collect_list": [
          {
            "file_path": "/home/ec2-user/shared-volume/zap.log",
@kmcquade
kmcquade / app.yaml
Created February 2, 2024 05:55 — forked from alukach/app.yaml
An example Github Actions for Python + Pipenv + Postgres + Pyright
# .github/workflows/app.yaml
name: My Python Project
on: push
jobs:
  test:
    runs-on: ubuntu-latest
    timeout-minutes: 10
    services:
@kmcquade
kmcquade / clean_old_lambda_versions.py
Created December 5, 2023 18:47 — forked from tobywf/clean_old_lambda_versions.py
A quick script to remove old AWS Lambda function versions
from __future__ import absolute_import, print_function, unicode_literals
import boto3
def clean_old_lambda_versions():
    client = boto3.client('lambda')
    functions = client.list_functions()['Functions']
    for function in functions:
        versions = client.list_versions_by_function(FunctionName=function['FunctionArn'])['Versions']
        for version in versions:
This file has been truncated, but you can view the full file.
{
  "openapi": "3.0.1",
  "info": {
    "title": "Jellyfin API",
    "version": "10.8.12",
    "x-jellyfin-version": "10.8.12"
  },
  "servers": [
    {
@kmcquade
kmcquade / dvws-node-swagger.json
Last active November 16, 2023 17:49
dvws-node Swagger file. The swagger.js file in the repo is in a javascript object but I need it to be yaml/json and downloadable. So downloading it from gist. Here is the original: https://github.com/vulnerable-apps/dvws-node/blob/master/swagger.js
{
  "openapi": "3.0.1",
  "info": {
    "title": "DVWS API",
    "description": "API Used for DVWS Application",
    "version": "0.1"
  },
  "servers": [
    {
      "url": "http://dvws.local"
@kmcquade
kmcquade / pw_example.py
Created January 25, 2023 21:49
pw_example.py
"""
Gmail doesn't work using regular recording. It will only work if you run the recording script and then wrap the recorded script in this
"""
from playwright.sync_api import Playwright, sync_playwright, expect
from playwright._impl._api_types import Error as PlaywrightError
def run(pw: Playwright) -> None:
    args = [
@kmcquade
kmcquade / ldbdump.py
Created November 6, 2022 20:23 — forked from mkorthof/ldbdump.py
ldbdump - dumps LevelDB keys/values
#!/usr/bin/python3
# ldbdump - dumps LevelDB keys/values
#
# a LevelDB is a dir with files such as these:
# 000050.ldb 000100.log CURRENT LOCK LOG MANIFEST-000099
#
# sources: https://github.com/tos-kamiya/levelobjdb dump()
import os
#!/bin/bash
# Clone the Firing Range Repository
git clone https://github.com/google/firing-range.git
# Change to 'firing-range' directory
cd firing-range
# Download the AppEngine SDK
wget https://storage.googleapis.com/appengine-sdks/featured/appengine-java-sdk-1.9.23.zip
@kmcquade
kmcquade / risky-actions-example.yml
Created December 10, 2021 18:06
Explanation for a vendor on a potential way to represent risky action combinations for their product via yaml
###
# Format is below
#
# risk-name:
#   target-name: # AND logic
#     - service:actionName
#     - service:act*
#
####
# List of high priority resource exposure actions here: https://gist.github.com/kmcquade/3161a6737285dc0508a9fa3446e22090