Scripts written by Steve Stonebraker for Administration & Simulations
==============
Scripts written for interaction with the AWS CLI
print accounts that exist remotely but do not exist in ~/.credentials file
- Add two network interfaces in Ubuntu 12.04 in AWS and route traffic properly to either IP
- Scope: Amazon EC2 Attach Elastic Network Interface (VPC)
Automates this manual process (from 4-10)
- Start AMI in VPC
- After boot attach secondary nic
- Ensure both NICs have an external IP associated with them
- configure new /etc/network/interfaces
- restart networking
- stop network-manager
- ssh back in (ssh will flip to the other elastic ip)
- add new ip route
- flush ip route table
- restart networking
More details at http://brakertech.com/aws-add-two-network-interfaces-in-ubuntu-12-04-precise/
print subnets from all vpcs across all profiles to a txt file
output all ec2 public IPs from all profiles in ~/.aws/config
Exports all route53 zones across all AWS accounts
Downloads a list of s3 objects (user provided) using multithreading (100 concurrent downloads at a time)
If you provide a file with a list of s3 buckets, it will enumerate every object in each bucket and output which objects are publicly accessible.
Generates a lambdaguard report for all profiles listed in ~/.aws/config
NTP Reflection and Amplification attack simulator
Requires:
- Net::RawIP
- System capable of sending raw packets
Displays currently installed perl modules
This has only been tested on an Ubuntu precise (12.04) server. This script will:
- Download the source code for Modsecurity version 2.7.4
- Ensure all required prerequisites are installed
- Install ModSecurity to /opt/modsecurity
- Create the recommended folder structure (from the ModSecurity book) under /opt/modsecurity
- Enable the relevant Apache Modules
Install the jwall audit console for modsecurity on an Ubuntu 12.04 machine
- install_aws_elasticsearch_cluster_node.sh
- upgrade_logstash_to_1.1.13.sh
- install_kibana3.sh
Will add the ${PATH} of the current shell to the crontab
Converts a text file with a list of CIDR IP blocks into a saved hashset.
Sample lists of CIDR blocks available for US, Great Britain, Spain, Italy, and France
Performs an nslookup on all Solariburst malicious domains. Purpose: to test Endpoint Detection Response and Network Monitoring Software
Performs the following:
- Download your compressed rule hashes from an s3 bucket
- Decompress
- Install ipset
- Add rules
- Modify iptables to use the new rules
Will perform nslookup on a list of FQDNs in a file (provided via an argument)
Easily change your hostname on any debian based distribution
Example script will shred itself once run
Example script will shred itself and the current directory (if empty)
This allows you to use a custom SSL decrypt cert from the keystore on the CLI.
For use with Zscaler / Palo Alto Global Protect SSL decryption.