If the script is good, please do leave a star □Īnd like how I always end my post, is to say “Thanks for reading and have a good day peeps. I would really love the community to check it out. Hence, I would like my readers to provide me constructive criticism, give me feedback on what to improve or add on to the script. I always believe that other people view of codes are different and in some ways help to improve ones coding skill when people share their opinion. Thus writing this post, I would like my readers to visit my Github, and do a code review. However, my belief is that the scripts I created is to be improve it to make it better for the community. I was able to successfully finished it and published it on GitHub.įor me publishing something on github really gave me a sense of accomplishment. Audits the MSSQL Server against the CIS-benchmark, and looks at all users, roles and their rights. Examples, like where do I append the results to? What are the variables needed and in which direction should the script executed?Īll this planning and writing out a script/product really challenge myself, to use my understanding of Linux, bash and the solution provided from CIS-Benchmark, to piece it together to write out an auditing script.Īt the end of 3 months plus of hard work and pulling my hair out because of bugs in the script. It was quite interesting for me because I have to plan the flow of my scripts from top to bottom. The script checks from the filesystem to the network, permissions of the files and users etc. The audit script created was to audit CentOS 8, a linux based operating system. So, the reason I have not been publishing any CTF writeup, was because I was working on my first ever project, to develop an auditing script to automate the checklist from CIS Benchmark. I will not be publishing any ctf soon, maybe later in the year or so. I was busy with a project which I would be sharing on this post. Now run cloudquery policy run aws//cis_v1.2.Hi guys, its been a long time since I have posted something on this blog post. That runs all CIS checks with SQL statements so you know SQL you can easily customized it to your needs. We've created CloudQuery policy pack (opens in a new tab) This will fetch all specified resources in all regions and in all accessible accounts (or specific accounts if specified). Now the money time! run cloudquery fetch. To generate the default config.yml run cloudquery init aws which will output a config.yml ready to use in the current directory. We will use the default that specifiesĪll the resources that are currently supported (you can customize it and comment out things you don't want). To fetch the data you first need to specify which resources you want to fetch.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |