RE: Main Pillars of Cloud Security

Ahhh the ol' CIA triad plus compliance!
CIAC!

Sig test

I see it.

Testingggg

Updated the script to include the source header names in the output!

import os
import csv
import re
import pandas as pd

# Set the path to the folder containing the CSV files
path = os.path.dirname(__file__)

# Initialize a list to store the data from each CSV file
data = []

# Iterate through each file in the folder
for filename in os.listdir(path):
    # Check if the file is a CSV file
    if filename.endswith('.csv'):
        # Open the file and read the data
        with open(os.path.join(path, filename), 'r') as f:
            reader = csv.reader(f)
            file_data = list(reader)  # Store the file data in a list
        # Check if the first row starts with "#TYPE", if so, skip it
        if file_data[0][0].startswith("#TYPE"):
            file_data = file_data[1:]
        # Get the headers
        headers = file_data[0]
        # Initialize a list to store the email column indices
        email_columns = []
        # Iterate through the columns to find the email columns
        for i, header in enumerate(headers):
                column_data = [row[i] for row in file_data[1:]]
                # Check if any of the values in the column are valid email addresses
                for value in column_data:
                    if re.match(r'[^@]+@[^@]+\.[^@]+', value):
                        email_columns.append(i)
                        break  # No need to check the rest of the values in this column
        # If there is more than one email column, prompt the user to choose one
        if len(email_columns) > 1:
            print(f'Multiple email columns found in {filename}:')
            for i, header in enumerate(headers):
                if i in email_columns:
                    print(f'{i}: {header}')
            email_column = int(input('Please select the email column by entering the corresponding number: '))
        elif len(email_columns) == 1:
            # If there is only one email column, use that one
            email_column = email_columns[0]
        else:
            # If there are no email columns, skip this file
            print(f'No email columns found in {filename}, skipping...')
            continue
        # Extract the email column data from the file
        file_data = [[row[email_column], f'{filename}-{headers[email_column]}', filename] for row in file_data[1:]]
        # Add the data from this file to the list
        data.extend(file_data)

# Create a results subfolder if it doesn't already exist
results_path = os.path.join(path, 'results')
if not os.path.exists(results_path):
    os.makedirs(results_path)

#Write the data to a CSV file in the results folder
with open(os.path.join(results_path, 'emails.csv'), 'w', newline='') as f:
    writer = csv.writer(f)
    writer.writerows(data)

#Read the CSV file into a pandas DataFrame
with open(os.path.join(results_path, 'emails.csv'), 'r') as f:
    first_line = f.readline().strip()
    if first_line.startswith("#TYPE"):
        df = pd.read_csv(f, names=['email', 'source', 'filename'], skiprows=[0])
    else:
        df = pd.read_csv(os.path.join(results_path, 'emails.csv'), names=['email', 'source', 'filename'])

#Create the pivot table
pivot_table = df.pivot_table(index='email', columns='source', aggfunc='size')

#Add a column showing the total number of accounts for each email address
pivot_table['total'] = pivot_table.sum(axis=1)

#Output the pivot table to a CSV file in the results folder
pivot_table.to_csv(os.path.join(results_path, 'pivot_table.csv'))

print('Done!')

import requests
from bs4 import BeautifulSoup
import time
from fake_useragent import UserAgent

ua = UserAgent()

while True:
    try:
        #create headers
        headers = {'User-Agent': ua.random}
        time.sleep(0)
        # Download the website's HTML
        response = requests.get("https://shop.flipperzero.one/", headers=headers)
        response.raise_for_status()
        html = response.text

        # Use BeautifulSoup to parse the HTML
        soup = BeautifulSoup(html, 'html.parser')

        # Check for the presence of "SOLD OUT"
        if soup.find("span", text="Sold out"):
            print("SOLD OUT still appears on the website.")
        else:
            print("SOLD OUT no longer appears on the website!")
    except requests.exceptions.RequestException as e:
        # handle error
        print(f'Error: {e}')
    except Exception as e:
        # handle other errors
        print(f'Error: {e}')
    finally:
        # Sleep for 1 hour
        time.sleep(60*60)

Every month I am faced with the tedious task of reconciling user accounts from multiple CSV files. The process involved manually scanning each file for email columns, and then consolidating the data into a single file for analysis.

I knew there had to be a better way, and I was determined to find it. After doing some research, I discovered that I could use Python to automate the task.

To help me write the code, I used ChatGPT, a powerful language model that could generate code based on natural language descriptions. With ChatGPT's assistance, I was able to quickly and easily develop a script that could accomplish my desired task.

The script saved me an hour of work on its first run.

This is amazing. If you want it, lemme know. I can share it.

Welcome to the Cybersecurity Forum! We are a community of cybersecurity professionals and enthusiasts who come together to discuss the latest trends, share knowledge and experiences, and exchange ideas. If you're new to the group, we encourage you to introduce yourself and let us know a little bit about your background and interests in cybersecurity. Here are a few example questions to get you started:

What first sparked your interest in cybersecurity?
What is your current role in the cybersecurity field?
Do you have any areas of expertise that you'd like to share with the group?
What are some of your favorite tools or resources for staying up-to-date on the latest trends in cybersecurity?
Do you have any hobbies or interests outside of cybersecurity?

Remember to keep it fun and don't be afraid to share a little bit about yourself!
We look forward to getting to know you and having you as an active member of the CSF community.

@Cybery There are a few ways Green makes cybersecurity training more fun:

• Gamified cybersecurity training
• Interactive training content
• Real-world examples and case studies
• Storytelling-based training
• Humorous training approaches
• Simulated phishing attacks
• Social engineering assessments
• Expert guidance from experienced cybersecurity professionals

@Cybery According to some conspiracy theorists, the production of Fortaleza tequila is not what it seems. They believe that the tequila is actually made from a secret, ancient recipe that includes rare and exotic ingredients. Some even claim that the recipe includes ingredients that have magical properties, which gives the tequila its unique taste and effects.

There are also rumors that the production of Fortaleza tequila is closely guarded by a secret society of tequila makers, who are sworn to secrecy about the true nature of the drink. It is said that the society will stop at nothing to protect the recipe, including using violence against those who try to uncover its secrets.

Despite the rumors and conspiracy theories, Fortaleza tequila remains a popular and highly respected brand, with a devoted following of fans who swear by its unique taste and effects. Whether or not the conspiracy theories are true, one thing is certain: Fortaleza tequila will always have a place in the hearts and minds of tequila lovers everywhere.

Just kidding! This was a ChatGPT response for "write a fake conspiracy about Fortaleza tequila"

Intro

An IP address is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. It consists of two parts: the network portion and the host portion. The network portion identifies the network that the device is part of, while the host portion identifies the device itself within the network.

CIDR

In CIDR notation, the number after the slash (/) represents the number of bits used for the network portion of the address. This is known as the prefix.

For example, a network prefix of /24 means that the first 24 bits of the IP address represent the network portion, and the last 8 bits represent the host portion. In binary, this would look like:

Network portion: 11111111.11111111.11111111.00000000
Host portion:
00000000

The lowest IP address in the subnet would be the one with all zero host bits:
11111111.11111111.11111111.00000000

The highest IP address would be the one with all one host bits:
11111111.11111111.11111111.11111111

Subnet examples

/24

For example, consider the following IP address written in
CIDR notation: 192.168.0.0/24

Prefix: /24
Lowest IP: 192.168.0.0
Highest IP: 192.168.0.255
Possible hosts: 256

In this case, the prefix is /24, which means that the first 24 bits of the address are used for the network portion, and the last 8 bits are used for the host portion. There are 2^8 (256) possible values for the host portion, which corresponds to the number of hosts that can be part of the network.

/16

On the other hand, consider the following IP address written in CIDR notation: 10.0.0.0/16

Prefix: /16
Lowest IP: 10.0.0.0
Highest IP: 10.0.255.255
Possible hosts: 65,536

In this case, the prefix is /16, which means that the first 16 bits are used for the network portion, and the last 16 bits are used for the host portion. There are 2^16 (65,536) possible values for the host portion, or a larger number of hosts that can be part of the network.

In general, a larger prefix (e.g. /24) means that there are fewer hosts that can be part of the network, while a smaller prefix (e.g. /16) means that there are more hosts that can be part of the network.

Hi CSF fam!!! Finally, as an adult, I found my favorite toy... ever. Just bought it.

As a cybersecurity enthusiast, I am always on the lookout for powerful tools that can help me explore and test the vulnerabilities of digital systems. Flipper Zero is exactly the kind of tool that fits the bill. This portable multi-tool is designed specifically for pentesters and tech enthusiasts, and it is packed with features that allow users to interact with a wide range of digital systems. From radio protocols and access control systems to hardware and more, Flipper Zero has the capability to explore it all.

But it's not just the versatility of Flipper Zero that makes it such a powerful tool - it's also its customization options. With a microSD card slot, USB Type-C port, and GPIO pins, users can extend the capabilities of Flipper Zero in any way they see fit. This makes it a truly unique and powerful tool for cybersecurity enthusiasts.

Of course, with great power comes great responsibility. Flipper Zero is an incredibly powerful tool, and it could be dangerous in the wrong hands. That's why these devices are so rare - they often get held up at customs, especially in the Netherlands. But for those who are able to get their hands on one, Flipper Zero is sure to be a valuable asset in the world of cybersecurity.

Ahhh the ol' CIA triad plus compliance!
CIAC!

A thread for sharing tips and advice for those seeking careers in cybersecurity