Azure Pipelines Cheatsheet

This is a great alternative to Travis CI or Circle CI. I've been using it quite a bit for a number of projects recently, and have been very happy with the results. Test a github project without committing If you want to debug a pipeline without committing code to your…

LastPass CLI Cheatsheet

Login To get started, you have to login: lpass login <your email address> Get a password This will grab a password from LastPass via the cli. lpass show <name of password> |grep txtPassword | awk '{print $2}' | tr -d '\n'…

Kubernetes Cheatsheet

List all containers kubectl get pods --all-namespaces -o=custom-columns=NameSpace:.metadata.namespace,NAME:.metadata.name,CONTAINERS:.spec.containers[*].name Resource: https://serverfault.com/questions/873490/how-to-list-all-containers-in-kubernetes By namespace kubectl get pods -n <namespace> Check for insecure kubelet API access From the host curl -k https://localhost:10250/pods…

AWS Pentesting

Post Exploitation This is a good place to start if you've got credentials. Set credentials for AWS cli Add the credentials to ~/.aws/credentials. It should look something like this: [default] aws_access_key_id=AKIAIOSFODNN7EXAMPLE aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY aws_session_token=AQoDYXdzEJr...<remainder of…

IOS Pentesting Cheatsheet

Jailbreaking At the time of this writing, only up to version 12.1.2 of iOS can be jailbroken. While it is theoretically possible to downgrade the version, it is a giant hassle and I was not able to find a fully working solution over the span of several hours…