- Kubernetes version disclosure.
- Access to Kubernetes API
- Insecure (HTTP) access to Kubernetes API
- Specific Access to Kubernetes API
- Possible Arp Spoof
- Certificate Includes Email Address
secxena
/ emerald.sh
Last active
April 11, 2022 10:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo systemctl stop emerald | |
| wget https://github.com/oasisprotocol/mainnet-artifacts/releases/download/2022-04-11/genesis.json -O /node/etc/genesis.json | |
| wget https://github.com/oasisprotocol/oasis-core/releases/download/v22.1.3/oasis_core_22.1.3_linux_amd64.tar.gz | |
| tar -xvzf oasis_core_22.1.3_linux_amd64.tar.gz | |
| cat > ~/emerald.service << EOF | |
| [Unit] | |
| Description=Emerald Paratime Node | |
| After=network.target | |
| [Service] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo systemctl stop oasis | |
| wget https://github.com/oasisprotocol/mainnet-artifacts/releases/download/2022-04-11/genesis.json -O /serverdir/etc/genesis.json | |
| wget https://github.com/oasisprotocol/oasis-core/releases/download/v22.1.3/oasis_core_22.1.3_linux_amd64.tar.gz | |
| tar -xvzf oasis_core_22.1.3_linux_amd64.tar.gz | |
| cat > ~/oasis.service << EOF | |
| [Unit] | |
| Description=Oasis Validator Node | |
| After=network.target | |
| [Service] |
secxena
/ Kubernetes_Security_Checklist.md
Created
February 24, 2020 06:21
secxena
/ credcheck_services.json
Last active
December 16, 2019 15:36
Credcheck JSON blocks for different services
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "sendgrid": { | |
| "helper": { | |
| "_doc": "", | |
| "help": "TOKEN is required" | |
| }, | |
| "config": { | |
| "url": "https://api.sendgrid.com/v3/scopes", | |
| "args": { | |
| "headers": { |
secxena
/ AwesomeCourses.md
Created
September 2, 2019 21:27
— forked from teocci/AwesomeCourses.md
List of awesome university courses for learning Computer Science!
There is a lot of hidden treasure lying within university pages scattered across the internet. This list is an attempt to bring to light those awesome courses which make their high-quality material i.e. assignments, lectures, notes, readings & examinations available online for free.
secxena
/ Node.js Security Checklist
Created
August 5, 2018 18:56
— forked from gaboesquivel/Node.js Security Checklist
API Checklists
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Security - the elephant in the room. Everyone agrees that it is very important but few takes it seriously. We at RisingStack want you to do it right - this is why we have put together this checklist to help you guide through the must have security checks before your application is enabled to thousands of users/customers. | |
| Most of these items are general and applies to all languages and frameworks not just Node.js - however some of the tools presented are Node.js specific. You should also check our introductory Node.js security blogpost. | |
| Configuration Management | |
| Security HTTP Headers | |
| There are some security-related HTTP headers that your site should set. These headers are: |
secxena
/ postgres-kill-all-proc.md
Last active
July 11, 2018 07:12
postgres if locked.
SELECT
pg_terminate_backend(pid)
FROM
pg_stat_activity
WHERE
-- don't kill my own connection!
pid <> pg_backend_pid()
-- don't kill the connections to other databases
secxena
/ http-error-code-explained.md
Last active
June 26, 2018 08:36
Http error codes and their classes
HTTP Status Codes
Status codes are three-digit numbers. A 200 code is the most common and represents a successful response. The first digit defines what is known as the class of the status code. If the code starts with a 2, as in 200, that represents a successful response to the request.
HTTP returns five classes of codes.
- [1] Informational Class - 1xx ,101 Switching protocol.
- [2] Success Class - 2xx, 200 Success.
- [3] Redirection Class - 3xx, 302 Redirect.
- [4] Client errors - 4xx, 404 Not found.
secxena
/ git-feature-workflow.md
Last active
June 24, 2018 11:21
— forked from blackfalcon/git-feature-workflow.md
Git basics - a general workflow
$ git branch
$ git checkout master
$ git pull origin master
$ git checkout -b my-new-feature-branch
$ git add . or git add -u or git add -all
$ git commit -m "a commit message in the present tense"
$ git pull origin my-new-feature-branch -> if pending changes on server
$ git push origin my-new-feature-branch -> for pull request change branch to master
secxena
/ Dict-String-to-Datatype-dict-conversion.md
Last active
June 25, 2018 11:07
Dict string to python Dict conversion
To Check data type of a variable,mostly used for debuging purposes
$ repr(variable) or type(variable)
And if the variable is dict type string then
$ import ast
$ ast.literal_eval(variable)
Example
NewerOlder