Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!
openssl genrsa -des3 -out rootCA.key 4096
iguy0
iguy0
/ self-signed-certificate-with-custom-ca.md
Created
May 22, 2022 05:38
— forked from fntlnz/self-signed-certificate-with-custom-ca.md
Self Signed Certificate with Custom Root CA
iguy0
/ mail-exchange-2019.md
Created
October 20, 2021 00:31
— forked from pishangujeniya/mail-exchange-2019.md
Configuring and installing Mail Exchange 2019
Download and install the prerequisites
iguy0
/ SysmonBeats_Procmon_Bro-ELK.json
Created
January 25, 2021 03:41
— forked from Kvetch/SysmonBeats_Procmon_Bro-ELK.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| beats { | |
| type => "beats" | |
| port => 5044 | |
| #codec => json | |
| } | |
| file { | |
| type => "procmon" | |
| ############ CHANGE ################### | |
| path => "/ELK/Analysis/LogFile.CSV" |
iguy0
/ Security Engineer - Interview Questions
Created
December 16, 2020 19:02
— forked from namishelex01/Security Engineer - Interview Questions.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. What is information security and how is it achieved? | |
| 2. What are the core principles of information security? | |
| 3. What is non-repudiation (as it applies to IT security)? | |
| 4. What is the relationship between information security and data availability? | |
| 5. What is a security policy and why do we need one? | |
| 6. What is the difference between logical and physical security? Can you give an example of both? | |
| 7. What’s an acceptable level of risk? | |
| 8. What are the most common types of attacks that threaten enterprise data security? | |
| 9. What is the difference between a threat and a vulnerability? | |
| 10. Can you give me an example of common security vulnerabilities? |
iguy0
/ roycewilliams-github-starred.md
Created
December 4, 2020 20:09
— forked from roycewilliams/roycewilliams-github-starred.md
roycewilliams-github-starred.md
- https://github.com/003random/003Recon
- https://github.com/0x09AL/RdpThief
- https://github.com/0x27/ssh_keyscanner
- https://github.com/0x4a0x72/pwnedless
- https://github.com/0x4D31/fatt
- https://github.com/0x4D31/honeyLambda
- https://github.com/0x6470/bitwarden2hashcat
- https://github.com/0x6d69636b/windows_hardening
iguy0
/ README.md
Created
November 29, 2020 00:34
— forked from qdm12/README.md
Wireguard and iptables restrictions for multiple users
If you don't know what Wireguard is, well, you should. It's fast, easy to setup and highly configurable. We will configure Wireguard for multiple users with various restrictions using iptables.
This should fit most setups (not mine though 😉)
On your proxmox server edit /etc/interfaces and add a vmbr1 interface like so
auto lo
iface lo inet loopback
auto vmbr0
iface vmbr0 inet static
address 167.114.101.88
netmask 255.255.255.0
iguy0
/ har_instructions.md
Created
October 14, 2020 15:01
— forked from legrego/har_instructions.md
Kibana HAR Instructions
A HAR archive of the network timings from a compatible browser is extremely useful in pinpointing which issues with Kibana talking to Elasticsearch.
Please note that HAR archives contain sensitive information:
- content of the pages you downloaded while recording
- your cookies, which will allow anyone with the HAR file to impersonate your account
- all the information that you submitted to your browser while recording (i.e., search values, authentication details).
iguy0
/ renew-letsencrypt-certificates.sh
Created
October 3, 2020 15:31
— forked from andygock/renew-letsencrypt-certificates.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # renew-letsencrypt-certificates.sh DOMAIN [EMAIL] | |
| # | |
| # Copy Let's Encrypt SSL certs from a remote public facing web server to local filesystem | |
| # Look for changes, if any change, restarts the web service | |
| # Useful for using Let's Encrypt with local internal servers, with custom DNS. | |
| # Working "mail" command needed for email alerts | |
| # |
iguy0
/ gist:f5db1b862f7c29e7e94372942778a57f
Created
July 24, 2020 18:31
— forked from jyap808/gist:8700714
Rsync - via SSH with no password, utilizing SSH ForceCommand in the authorized_keys file to limit the commands that can be run with that SSH key
To make rsync both secure and automated (i.e : non-interactive), you can use SSH as the transport and set up a key pair. This is what will be discussed in this post, along with a few improvements.
Let’s first ensure that rsync works correctly over ssh :
spaghetti% rsync -avz -e ssh --delete Documents prodigy:/tmp
Password: