Skip to content

Instantly share code, notes, and snippets.

View ageis's full-sized avatar
💭
available for hire in Bay Area https://cointel.pro/resume

Kevin M. Gallagher ageis

💭
available for hire in Bay Area https://cointel.pro/resume
386 followers · 2.7k following
View GitHub Profile
@ageis
ageis / fwblocks.pl
Created May 2, 2018 18:10
Perl script for processing+merging multiple iptables/UFW logs
#!/usr/bin/perl
use strict;
use warnings;
use autodie;
use DBI;
use utf8;
use Scalar::Util qw(looks_like_number);
use Data::Validate::IP qw( is_public_ip is_linklocal_ip is_loopback_ip is_private_ip );
use Geo::IP;
use File::Tail;
@ageis
ageis / .config
Created May 3, 2018 09:29
Linux stable config hardening options
CONFIG_GCC_PLUGIN_LATENT_ENTROPY=y
CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
CONFIG_GCC_PLUGIN_RANDSTRUCT=y
CONFIG_CC_STACKPROTECTOR_STRONG=y
CONFIG_MODULE_SIG_FORCE=y
CONFIG_DEBUG_SG=y
CONFIG_DEBUG_NOTIFIERS=y
CONFIG_DEBUG_CREDENTIALS=y
CONFIG_IO_STRICT_DEVMEM=y
CONFIG_SECURITY_YAMA=y
@ageis
ageis / kdf-do-setup.sh
Created May 14, 2018 09:15
OpenPGP KDF-DO setup script for smartcards
#! /bin/bash
# Original author: NIIBE Yutaka <gniibe@fsij.org>
# URL: https://dev.gnupg.org/T3823
# Usage: ./kdf-do-setup.sh
GPG_CONNECT_AGENT=gpg-connect-agent
PW_USER="123456"
PW_ADMIN="12345678"
@ageis
ageis / ini_file.py
Created March 18, 2019 23:23
INI lookup plugin with ConfigObj instead of ConfigParser
# (c) 2019 Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = """
lookup: ini_file
author: Kevin Gallagher <kevingallagher@gmail.com>
version_added: "2.0"
short_description: read data from a ini file
@ageis
ageis / certdata2bundle.py
Last active April 28, 2019 12:57
certdata2bundle.py — retrieves Mozilla/NS root trust store, re-encodes DER/base64 as PEM bundle sans metadata
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# vim:set et sw=4:
#
# certdata2bundle.py
# retrieves CA certificates from the Mozilla/NSS root trust store in base64/DER
# format and re-encodes them as a concatenated PEM bundle sans metadata
# writes all CA certificates to /etc/ssl/cacerts.pem
#
# Copyright (C) 2019 Kevin M. Gallagher <kevingallagher@gmail.com>
@ageis
ageis / getframes.py
Last active May 1, 2019 06:17
Extract JPEG frames from video while applying optional magnification/cropping/sharpening/contrast enhancement; specify the duration/section or use keyframes/one frame per second, etc.
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# coding: utf-8
from __future__ import unicode_literals
from __future__ import print_function
import argparse
import re
import json
@ageis
ageis / zcash-monitor.md
Last active September 16, 2019 16:41
Prometheus exporter for monitoring statistics of Zcash daemon

zcash-monitor.py

This is a script written in Python intended to run alongside a Zcash node and export statistics for monitoring purposes. It assumes the existence of zcash-cli in the PATH and access to the RPC interface over localhost.

It tracks stuff like: block height, difficulty, number of peers, network solutions per second, errors, mempool size, size of recent blocks, number of transactions within blocks, chaintips, total bytes received and sent, transaction inputs and outputs, and the make-up of transactions in terms of JoinSplits, shielded, unshielded or mixed. These Zcash metrics are refreshed once every 2 minutes.

How it works

Prometheus is a monitoring system and time-series database.

@ageis
ageis / channel-prefs.js
Last active September 17, 2019 16:56
@ageis's Firefox user settings (9/16/2019), hardened for security, privacy, and anti-fingerprinting, with some exceptions. Install into your profile, enter into about:config, replace channel-prefs or just use ghacks: https://github.com/ghacksuserjs/ghacks-user.js
user_pref("accessibility.force_disabled", 1);
user_pref("alerts.showFavicons", false);
user_pref("app.normandy.api_url", "");
user_pref("app.normandy.enabled", false);
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("app.update.auto", false);
user_pref("app.update.channel", "aurora");
user_pref("app.update.enabled", true);
user_pref("app.update.service.enabled", true);
@ageis
ageis / alerts.json
Created November 20, 2019 21:44
alertmanager2es index template mappings
{
"template": "alerts-*",
"settings": {
"number_of_shards": 1,
"number_of_replicas": 1,
"index.refresh_interval": "10s",
"index.query.default_field": "groupLabels.alertname"
},
"index_patterns": ["alerts-*"],
"mappings": {
@ageis
ageis / GRUB_CMDLINE_LINUX_DEFAULT
Last active January 16, 2021 06:49
some kernel boot args LOL
acpi_irq_nobalance
acpi_os_name=Linux
acpi_osi=Linux
acpi=force
add_efi_memmap
agp=off
apparmor=0
audit_backlog_limit=16384
audit_rate_limit=0
audit=0