1 Commits

Author SHA1 Message Date
50b6e49897 Adding rss validation 2024-06-27 12:55:32 -05:00
5 changed files with 17 additions and 121 deletions


@@ -0,0 +1,14 @@
I've had a request to do some lunch-and-learns about the AniNIX, how we self-host, and how we manage some of our tools. We'll burn roughly the first 30-45 minutes talking through some concepts of how the AniNIX does what it does -- the rest of the time will be an open floor to ask anything you'd like.
We are going to use [Discord](https://discord.gg/2bmggfR), just for bandwidth reasons and ease of setup, to host the call.
* If you don't have a Discord account, it's pretty easy to sign up. Just swing by our Discord link and ask for the Lunch&Learn role after creating your account.
* We are taking questions by IRC for those folks looking for a little more anonymity.
Due to real-life obligations, the livestream portions are paused but we will be opening the floor for discussions each week with a commit and some discussion on its relevance. Hope to see you in the channel!
<!--
We are testing live-streaming to [Twitch](https://www.twitch.tv/darkfeather0664) and [YouTube](https://www.youtube.com/channel/UCe-WNM2mbI51xoVZp3K_wFQ). If you're interested but not ready to join the Discord community, those options are open to you.
-->
<!-- We hope to see you there! [Click this Google Calendar link](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=bzk4YmplZWpvdW52NWNoZjZna2dtZTNlNWJfMjAyMzExMjNUMTgwMDAwWiBjeGZvcmRAbQ&tmsrc=cxford%40gmail.com&scp=ALL) to add it to your calendar -- we'll be meeting in the 1200-1300 [US Central](https://time.is/CT) block on Thursdays.
There's no listed schedule of topics right now -- request some on IRC or Discord!-->
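
Review bot: the commented-out calendar link in the second HTML comment still carries a personal address in its query string (`tmsrc=cxford%40gmail.com`), and an HTML comment only hides it from the rendered page, not from the raw file or the repository history. If that address is not meant to be public, delete the commented-out blocks rather than committing them. The Twitch and YouTube comment block is in the same position: text that no longer applies but still ships with the file, so removing it keeps the page to what is currently true.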


@@ -1,29 +0,0 @@
# Overview
The AniNIX is looking to put together a penetration testing, ethical hacking, and cyber capture-the-flag team. The purpose of the group is to develop competent & ethical professionals, break down cybersecurity gatekeeping, and improve the Internet community writ large. The code name for this team is the `3NCLAVE`.
# Requirements to Join
In order to join this team, you must meet the following requirements:
* Have a Discord account and a Hack The Box account.
* Proficiency with Kali Linux or other hacking distribution, IRC, and Git.
* Have a demonstrated body of work in computing, primarily in a Linux environment.
* This can be a home lab, provided it can be demonstrated in a Discord screen share or by external access
* This can be GitHub, HackerOne, BugCrowd, etc. accounts with activity.
* This can be a career in IT -- ideally, this should be able to be validated with a coordinated challenge and answer to a professional email address or phone number
* Have a willingness to learn and ethical mindset
* Be sponsored by a current team member
* Be willing to comply with the AniNIX [User Ethics](/AniNIX/Wiki/src/branch/main/Policies/User_Ethics.md)
# Operation
This organization will function as a semi-democratic collective. The Owners group as captured in AniNIX/Foundation will retain veto powers & ownership of the IP. Otherwise, any group member may propose participating in bug bounty or capture-the-flag event through IRC & Discord -- the rest of the group can opt into this activity as they're able & interested. Proposals to changes in operation, methods, etc. will be discussed through issues on this platform & solidified through 2/3 majority approval in a merge request. Other operational procedures will be discussed in the group project repo.
When members are approved, they will be added to the appropriate project on AniNIX/Foundation. More details on our operation will be controlled to that location.
# What Do We Do
This organization is an ethical hacking group. This means that we comply, as much as possible, to ethical & legal frameworks. We will only attempt to compromise systems that we have been authorized, in writing, to inspect. These authorizations will either come in the form of lab files shared by our members to be tested in firewalled or air-gapped home labs, bug bounty postings, or official capture-the-flag events being hosted by organizations like Hack The Box. Members are specifically not authorized to test exploits & vulnerabilities on the community writ large.
When ethics conflicts with legality, ethics wins via civil disobedience. That is, if we were to receive a court order compromising the security of our members, operation will cease. If law were to outlaw cybersecurity research, we would pivot to be a bug-fixing development group instead. The fundamental rule is to do good without disrupting systems that people need and to find collaborative ways to contribute to the world.
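
Review bot: the commit message "Adding rss validation" does not cover this deletion. The `-1,29 +0,0` header removes the entire 3NCLAVE page, including the rule under "What Do We Do" that systems are only tested with written authorization. Split this into its own commit whose message says whether the policy moved (the text itself points to AniNIX/Foundation) or was retired, so the history records when these scope rules stopped being published here.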

precommit-hooks/rss Normal file

@@ -0,0 +1,3 @@
#!/bin/bash
# Implement https://cweiske.de/tagebuch/atom-validation.htm
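
Review bot: the hook has no body. After `#!/bin/bash` and the `# Implement ...` comment there is no command, so as committed the script exits 0 and every feed passes whether it is valid or not, which does not match the commit message. Until the validation described at the linked page is written, leave the hook out or make it fail closed, and once implemented have it exit non-zero for any feed file that fails. The file is also listed as "Normal file"; if the hook is meant to be invoked directly it needs the executable bit.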


@@ -11,17 +11,6 @@
<id>https://aninix.net/</id>
<entry>
<title>Lunch-and-Learns Ended</title>
<link href="https://aninix.net/aninix.xml#lnl-ended"></link>
<updated>2024-04-25T17:21:00Z</updated>
<id>https://aninix.net/aninix.xml#lnl-ended</id>
<summary>
AniNIX will be ending the Lunch-and-Learn series for the time being -- we aren't seeing enough engagement, and admins will be otherwise tasked for the near future. Please still reach out on Discord or IRC if there are topics you want to talk about, or open an issue or merge request with your ideas.
</summary>
</entry>
<entry>
<title>Lunch-and-Learns Paused 20240502 through 20240627</title>
<link href="https://aninix.net/aninix.xml#lnl-pause-20240502"></link>
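
Review bot: deleting the published "Lunch-and-Learns Ended" entry (`#lnl-ended`, updated 2024-04-25T17:21:00Z) does not retract it for readers who already fetched it, and the feed is left with no entry announcing the change of plan that the new page text in this commit describes ("we will be opening the floor for discussions each week"). Prefer keeping the old entry and adding a new one with its own `<id>` and `<updated>` that supersedes it, so the feed history matches what subscribers have seen.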


@@ -64,85 +64,4 @@
</summary>
</entry>
<entry>
<title>Attack Flood from CN, BR, KZ, and DigitalOcean</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#attack-flood-2022-12-23"></link>
<updated>2022-12-23T18:19:59Z</updated>
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#attack-flood-2022-12-23</id>
<summary>
<p>Starting 2022/12/18, the AniNIX saw a rapid increase of threat traffic from subnets attributed to CN, BR, and KZ country codes -- this coincided with a concerted campaign being run from hosting provider DigitalOcean. While APT-style campaigns from CN are more or less expected, the large amount of traffic from DigitalOcean suggests the advent of a new campaign from that vendor. Other AniNIX users have reported similar attacks originating from DigitalOcean, but blocking the entire provider cuts off access to some local resources.</p>
<p>We are blocking the following subnets in response to this threat data: 8.213.129.0/24, 36.92.107.0/24, 43.157.15.0/24, 45.162.216.0/22, 46.101.128.0/17, 46.101.80.0/20, 61.177.0.0/16, 62.87.132.0/22, 64.227.0.0/17, 82.180.132.0/23, 85.152.0.0/17, 92.46.64.0/18, 159.223.0.0/16, and 218.92.0.0/16. If you have legitimate resources living in these spaces, we recommend hardening those resources and contacting us via Discord or IRC to receive an exception.</p>
</summary>
</entry>
<entry>
<title>78.128.113.166/32</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#78.128.113.166"></link>
<updated>2022-12-15T01:59:59Z</updated>
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#78.128.113.166</id>
<summary>
78.128.113.166/32 was detected using a variety of attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection methods and cross-site scripting. Total attack volume was 363.
</summary>
</entry>
<entry>
<title>141.98.9.24/32</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#141.98.9.24"></link>
<updated>2022-09-30T21:59:59Z</updated>
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#141.98.9.24</id>
<summary>
141.98.9.24/32 was detected using a variety of attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL queries by URI, including "Attempt To Access MSSQL xp_cmdshell Stored Procedure Via URI". Total attack volume was 184.
</summary>
</entry>
<entry>
<title>31.184.195.114/32</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#31.184.195.114"></link>
<updated>2022-09-30T21:59:59Z</updated>
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#31.184.195.114</id>
<summary>
31.184.195.114/32 was detected using a variety of attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as attempted administrator gain, lwp-download, and CVE-2014-6271 exploits. Total attack volume was 254.
</summary>
</entry>
<entry>
<title>81.19.136.5/32</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#81.19.136.5"></link>
<updated>2022-09-30T21:59:59Z</updated>
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#81.19.136.5</id>
<summary>
81.19.136.5/32 was detected using web application attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection attacks. Total attack volume was 1079.
</summary>
</entry>
<entry>
<title>194.165.16.68/32</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#194.165.16.68"></link>
<updated>2022-09-30T21:59:59Z</updated>
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#194.165.16.68</id>
<summary>
194.165.16.68/32 was detected using web application attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection attacks. Total attack volume was 184.
</summary>
</entry>
<entry>
<title>91.191.209.54/32</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#91.191.209.54"></link>
<updated>2022-09-26T02:16:20Z</updated>
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#91.191.209.54</id>
<summary>
91.191.209.54/32 was detected using web application attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection attacks. Total attack volume was 1080.
</summary>
</entry>
<entry>
<title>194.165.17.9/32</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#194.165.17.9"></link>
<updated>2022-09-26T02:16:20Z</updated>
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#194.165.17.9</id>
<summary>
194.165.17.9/32 was detected using web application attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection attacks. Total attack volume was 184.
</summary>
</entry>
</feed>
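
Review bot: only the first removed entry shows a validity problem in these lines. Its `<summary>` has `<p>` children and no `type` attribute, and an Atom text construct without `type` is plain text and may not contain child elements. That can be fixed in place with `type="xhtml"` and a single XHTML `<div>` wrapper, or by escaping the markup and using `type="html"`. The seven per-address entries have plain-text summaries, so removing them together with the blocked-subnet list drops the published block record and the instructions for requesting an exception with no validation reason visible here. If they are being retired on purpose, say so in the commit message.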