pyark - CyberArk Enterprise Password Vault API CLI tool

  •        498

Pyark is a small python-based CLI tool, which allows you to interact with the CyberArk Enterprise Password Vault API.Furthermore it's important to know which version of the CyberArk Password Vault is used as only the newest versions expose all API endpoints. Make sure to double check the API documentation, specific for your version, in case the tool fails to interact with the API.

https://github.com/adfinis-sygroup/pyark

Tags
Implementation
License
Platform

   




Related Projects

aws-vault - A vault for securely storing and accessing AWS credentials in development environments

  •    Go

Securely store and access credentials for AWS. AWS Vault stores IAM credentials in your operating systems secure keystore and then generates temporary credentials from those to expose to your shell and applications. It's designed to be complementary to the aws cli tools, and is aware of your profiles and configuration in ~/.aws/config. Check out the announcement blog post for more details.

kube2iam - kube2iam provides different AWS IAM roles for pods running on Kubernetes

  •    Go

Provide IAM credentials to containers running inside a kubernetes cluster based on annotations.Traditionally in AWS, service level isolation is done using IAM roles. IAM roles are attributed through instance profiles and are accessible by services through the transparent usage by the aws-sdk of the ec2 metadata API. When using the aws-sdk, a call is made to the ec2 metadata API which provides temporary credentials that are then used to make calls to the AWS service.

aws-iam-authenticator - A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster

  •    Go

A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. The initial work on this tool was driven by Heptio. The project recieves contributions from multiple community engineers and is currently maintained by Heptio and Amazon EKS OSS Engineers. If you are an administrator running a Kubernetes cluster on AWS, you already need to manage AWS IAM credentials to provision and update the cluster. By using AWS IAM Authenticator for Kubernetes, you avoid having to manage a separate credential for Kubernetes access. AWS IAM also provides a number of nice properties such as an out of band audit trail (via CloudTrail) and 2FA/MFA enforcement.

api-gateway-secure-pet-store - Amazon API Gateway sample using Amazon Cognito credentials through AWS Lambda

  •    Objective-C

The Secure Pet Store sample is an application built in Java for AWS Lambda. It uses Amazon API Gateway to expose the Lambda function as HTTP endpoints and uses Identity and Access Management (IAM) and Amazon Cognito to retrieve temporary credentials for a user and authorize access to its APIs with.The application needs to be modified to reflect the resource names created above. After adapting the configuration you package the application and deploy it as an AWS Lambda function with the necessary execution role.

api-gateway-secure-pet-store - Amazon API Gateway sample using Amazon Cognito credentials through AWS Lambda

  •    Objective-C

The Secure Pet Store sample is an application built in Java for AWS Lambda. It uses Amazon API Gateway to expose the Lambda function as HTTP endpoints and uses Identity and Access Management (IAM) and Amazon Cognito to retrieve temporary credentials for a user and authorize access to its APIs with. The application needs to be modified to reflect the resource names created above. After adapting the configuration you package the application and deploy it as an AWS Lambda function with the necessary execution role.


ArchiSteamFarm - C# application that allows you to farm steam cards using multiple steam accounts simultaneously

  •    CSharp

ASF is a C# application that allows you to farm steam cards using multiple steam accounts simultaneously. Unlike Idle Master which works only for one account at given time, requires steam client running in background, and launches additional processes imitating "game playing" status, ASF doesn't require any steam client running in the background, doesn't launch any additional processes and is made to handle unlimited steam accounts at once. In addition to that, it's meant to be run on servers or other desktop-less machines, and features full cross-OS support, which makes it possible to launch on any .NET Core-supported operating system, such as Windows, Linux or OS X. ASF is possible thanks to gigantic amount of work done in marvelous SteamKit2 library. ASF doesn't require and doesn't interfere in any way with Steam client. In addition to that, it doesn't require exclusive access to given account, which means that you can use your main account in Steam client, and use ASF for idling the same account at the same time. If you decide to launch a game, ASF will get disconnected, and resume idling once you finish playing your game, being as transparent as possible during entire process.

hologram - Easy, painless AWS credentials on developer laptops.

  •    Go

Storing your AWS keys in source code is a Real Bad Idea, but few good options exist to mitigate this risk that aren't terribly inconvenient. Hologram aims to change this. EC2 has a feature called "IAM Roles" where a special endpoint in the instance metadata service (http://169.254.169.254/...) exposes temporary AWS API access credentials that have permissions defined by the instance's Role, configured at launch time. In this way, applications can be designed that do not require secret keys checked into their repositories at all, and the chance of malicious key usage is reduced. This service only exists in EC2, but Hologram brings it to non-EC2 hosts, so that developers can run the same software with the same credentials source as in production.

gitrob - Reconnaissance tool for GitHub organizations

  •    Ruby

Gitrob is a command line tool which can help organizations and security professionals find sensitive information lingering in publicly available files on GitHub. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information. Looking for sensitive information in GitHub repositories is not a new thing, it has been known for a while that things such as private keys and credentials can be found with GitHub's search functionality, however Gitrob makes it easier to focus the effort on a specific organization.

metadataproxy - A proxy for AWS's metadata service that gives out scoped IAM credentials from STS

  •    Python

The metadataproxy is used to allow containers to acquire IAM roles. By metadata we mean EC2 instance meta data which is normally available to EC2 instances. This proxy exposes the meta data to containers inside or outside of EC2 hosts, allowing you to provide scoped IAM roles to individual containers, rather than giving them the full IAM permissions of an IAM role or IAM user. See the settings file for specific configuration options.

anchore - Legacy Anchore container analysis, inspection and control toolset

  •    Python

Anchore is a set of tools that provides visibility, transparency, and control of your container environment. With anchore, users can analyze, inspect, perform security scans, and apply custom policies to container images within a CI/CD build system, or used/integrated directly into your container environment. This repository contains the anchore analysis scanner tool (with a basic CLI interface), which can be appropriate for lower-level integrations - for new users and current users who have been looking to deploy Anchore as a centralized service with an API, an open source project called the Anchore Engine has been released (with its own light-weight client CLI) which extends the capabilities of anchore beyond what usage of this scanner tool alone can provide. The project page links are below, which include installation/quickstart instructions, API documents and usage guides.

aws-mfa - Manage AWS MFA Security Credentials

  •    Python

aws-mfa makes it easy to manage your AWS SDK Security Credentials when Multi-Factor Authentication (MFA) is enforced on your AWS account. It automates the process of obtaining temporary credentials from the AWS Security Token Service and updating your AWS Credentials file (located at ~/.aws/credentials). Traditional methods of managing MFA-based credentials requires users to write their own bespoke scripts/wrappers to fetch temporary credentials from STS and often times manually update their AWS credentials file. short-term - A temporary set of credentials that are generated by AWS STS using your long-term credentials in combination with your MFA device serial number (either a hardware device serial number or virtual device ARN) and one time token code. Your short term credentials are the credentials that are actively utilized by the AWS SDK in use.

eksctl - a CLI for Amazon EKS

  •    Go

eksctl is a simple CLI tool for creating clusters on EKS - Amazon's new managed Kubernetes service for EC2. It is written in Go, and uses CloudFormation. You will need to have AWS API credentials configured. What works for AWS CLI or any other tools (kops, Terraform etc), should be sufficient. You can use ~/.aws/credentials file or environment variables. For more information read AWS documentation.

aws-serverless-auth-reference-app - Serverless reference app and backend API, showcasing authentication and authorization patterns using Amazon Cognito, Amazon API Gateway, AWS Lambda, and AWS IAM

  •    TypeScript

SpaceFinder is a reference mobile app that allows users to book conference rooms, work desks, and other shared resources. The app showcases serverless authentication and authorization using the AWS platform.The mobile front-end is built using the Ionic 3 framework and client libraries to call AWS services and mobile backend APIs. The backend APIs themselves are powered by AWS services. The backend APIs are built using a serverless architecture, which makes it easy to deploy updates, and it also means that there are no servers to operationally manage.

Astra - Automated Security Testing For REST API's

  •    Python

REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be used by security engineers or developers as an integral part of their process, so they can detect and patch vulnerabilities early during development cycle. Astra can automatically detect and test login & logout (Authentication API), so it's easy for anyone to integrate this into CICD pipeline. Astra can take API collection as an input so this can also be used for testing apis in standalone mode.

Securely Available Credentials

  •    Java

SACRED (Securely Available Credentials) is an IETF framework and protocol for credential portability to allow secure, authenticated access to security credentials. This project provides SACRED client and server implementations.

pusher-http-ruby - Ruby server library for the Pusher API | owner=@vivangkumar

  •    Ruby

After registering at http://pusher.com configure your app with the security credentials. Creating a new Pusher client can be done as follows.

HTTPie - a CLI, cURL-like tool for humans

  •    Python

HTTPie (pronounced aitch-tee-tee-pie) is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output. HTTPie can be used for testing, debugging, and generally interacting with HTTP servers.

trigger - Trigger is a robust network automation toolkit written in Python that was designed for interfacing with network devices

  •    Python

Trigger is a robust network automation toolkit written in Python that was designed for interfacing with network devices and managing network configuration and security policy. It increases the speed and efficiency of managing large-scale networks while reducing the risk of human error. Started by the AOL Network Security team in 2006, Trigger was originally designed for security policy management on firewalls, routers, and switches. It has since been expanded to be a full-featured network automation toolkit.