AWS Projects


I'm relatively comfortable with a variety of Amazon Web Services, and it's one of my frequent selling points in both freelance and employment, so here I'll break down service by service what I've been up to.
Forensic Collection Stack
Services: EC2, SQS, S3

Crypsaurus is a full forensic collection stack. When a consultant registers a client name, the stack produces a Windows executable for that client. It is very similar to Google's Turbinia, but predates it by a generous margin. When the consultant runs the executable on a machine, it transmits key data about that machine over an encrypted link, using the AWS SDK, to S3. Once the data lands in S3, it triggers an SNS notification, which in turn produces an SQS message; that message is then ingested by "processors", effectively Docker containers running in EC2 that poll SQS for evidence and upload their analysis results. File naming conventions and configured prefixes ensure that result data is never processed as evidence data. All data is encrypted at rest. The full presentation I gave with Paul at NovaHackers is available here.

All of this is using the AWS Ruby v2 SDK. The stack predates v3.
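The part of a processor that unwraps the S3 → SNS → SQS message and applies the prefix convention, written here as an added illustration rather than Crypsaurus's own code. The `evidence/` and `results/` prefixes and the topic ARN are assumptions for the example; the SNS envelope and S3 event record shapes are the standard ones AWS delivers to a subscribed queue.

```ruby
require 'json'
require 'cgi'

# Prefix convention assumed for this example (not taken from the page):
# collector uploads land under evidence/<client>/..., processor output
# goes under results/<client>/... and must never be re-ingested as evidence.
EVIDENCE_PREFIX = 'evidence/'.freeze
RESULTS_PREFIX  = 'results/'.freeze
# Placeholder topic ARN; a real processor would load this from config.
EXPECTED_TOPIC  = 'arn:aws:sns:us-east-1:123456789012:crypsaurus-evidence'.freeze

# Unwrap one SQS message body (the SNS envelope) and return the S3 object
# keys a processor should treat as new evidence. Anything that is not an
# ObjectCreated event from the expected topic under the evidence prefix is
# dropped rather than processed.
def evidence_keys_from_sqs_body(body)
  envelope = JSON.parse(body)
  return [] unless envelope['Type'] == 'Notification' &&
                   envelope['TopicArn'] == EXPECTED_TOPIC

  event = JSON.parse(envelope['Message'])
  Array(event['Records']).filter_map do |rec|
    next unless rec['eventSource'] == 'aws:s3' &&
                rec['eventName'].to_s.start_with?('ObjectCreated:')
    # S3 URL-encodes object keys in event notifications ("a b" -> "a+b").
    key = CGI.unescape(rec.dig('s3', 'object', 'key').to_s)
    next if key.start_with?(RESULTS_PREFIX)      # processor output: skip
    next unless key.start_with?(EVIDENCE_PREFIX) # unknown prefix: skip
    key
  end
end

# Constructed sample message: one collector upload and one results file
# written by another processor, delivered in a single SNS notification.
SAMPLE_BODY = JSON.generate(
  'Type' => 'Notification',
  'TopicArn' => EXPECTED_TOPIC,
  'Message' => JSON.generate(
    'Records' => [
      { 'eventSource' => 'aws:s3', 'eventName' => 'ObjectCreated:Put',
        's3' => { 'object' => { 'key' => 'evidence/acme/host01/memory+dump.raw' } } },
      { 'eventSource' => 'aws:s3', 'eventName' => 'ObjectCreated:Put',
        's3' => { 'object' => { 'key' => 'results/acme/host01/analysis.json' } } }
    ]
  )
)

puts evidence_keys_from_sqs_body(SAMPLE_BODY).inspect if $PROGRAM_NAME == __FILE__
```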
Slack Invites
Services: Lambda, API Gateway, CloudWatch

A unique challenge we faced in starting our student organization at GMU was that our funding was essentially just a series of limited AWS educational credits. This meant we were constrained quite aggressively in what our solutions could cost. I determined that a serverless architecture would make the most sense for such a simple requirement, so I developed an API endpoint in Python 2.7 that, given a valid GMU ID (verified through a separate call), invites the student's GMU email address into our student organization's Slack using my token.




GitHub Projects (some repos out of date)

| Project Title | Description | Source |
| --- | --- | --- |
| mike-bailey.github.io | Literally this website. | Link |
| CCDC-Scripts | Scripts to secure images. Adapting very gradually from CyberPatriot to industry grade. | Link |
| hockey-hacks | PHP page to hack together embedder code for hockey videos before we knew the call to autoplay. Favour for russianmachineneverbreaks. Also a CLI client to dump play-by-plays of games, but that wasn't committed. | Link |
| meaniechrome | Using the shell of AdBlocker, meaniechrome was intended to manipulate web content in a Chrome browser through the delivery of arbitrary JavaScript from a remote hardcoded address. Limitations include cross-origin restrictions, HSTS, etc. For best results deliver the payload via HTTPS. | Link |
| php-web-shell | Covert, no-frills shell for the case where someone gets arbitrary file upload or PHP code execution and wants to escalate to shell command execution on unrestricted (shell_exec is unblocked) web servers. | Link |
| scoring | CyberPatriot has no practice scorebot for Linux, so I improvised one. | Link |
| ducky_scripts | Temporary repository for payloads for my Rubber Ducky keystroke injection tool. | Link |
| javalessons | Refresher for learning Java. This was with the help of a community I belong to called "Day One" that assumes day-one knowledge of a particular topic. | Link |
| rumpwn | Implementation of the popular cipher-cracking site "Rumkin" for Chrome's developer console, to brute force just a little harder. Outdated repo, and it proved inefficient since you're restricted to the processing power of a browser. | Link |