Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
automating the world

Apollo Clark apolloclark

💭
automating the world
View GitHub Profile
View postgres cheatsheet.md

Postgres Cheatsheet

This is a collection of the most common commands I run while administering Postgres databases. The variables shown between the open and closed tags, "<" and ">", should be replaced with a name you choose. Postgres has multiple shortcut functions, starting with a forward slash, "". Any SQL command that is not a shortcut, must end with a semicolon, ";". You can use the keyboard UP and DOWN keys to scroll the history of previous commands you've run.

Setup

installation, Ubuntu

http://www.postgresql.org/download/linux/ubuntu/ https://help.ubuntu.com/community/PostgreSQL

@apolloclark
apolloclark / update_aws_ipv4.sh
Last active Nov 30, 2020
Dynamically update an AWS Route53 sub-domain IP address to your home router IP
View update_aws_ipv4.sh
[change-resource-record-set.json]
{
"Comment": "Updating IP address",
"Changes": [
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "domain.example.com",
"Type": "A",
"TTL": 60,
@apolloclark
apolloclark / Twitter API with Curl
Last active Nov 26, 2020
Twitter API with Curl
View Twitter API with Curl
# create an account, create an app
# @see https://apps.twitter.com/
# retrieve the access tokens
# @see https://dev.twitter.com/oauth/reference/post/oauth2/token
# create the file ~/twitter_api
nano ~/twitter_api
Authorization: OAuth oauth_consumer_key="XXXXXX", oauth_nonce="11111111", oauth_signature="XXXXXX", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1450728725", oauth_token="99999-XXXXXX", oauth_version="1.0"
@apolloclark
apolloclark / Buffer Overflow Tutorial in Kali.md
Last active Oct 25, 2020
Buffer overflow demonstration in Kali Linux, based on the Computerphile video
View Buffer Overflow Tutorial in Kali.md
View Kali 2016.1, Docker Install script
#!/bin/bash
# update apt-get
export DEBIAN_FRONTEND="noninteractive"
sudo apt-get update
# remove previously installed Docker
sudo apt-get purge lxc-docker*
sudo apt-get purge docker.io*
@apolloclark
apolloclark / lock_down_public_s3_buckets.md
Last active Sep 9, 2020
Bash one-liner to find public facing AWS S3 buckets, and make them private
View lock_down_public_s3_buckets.md

Command

aws s3api list-buckets --query 'Buckets[*].[Name]' --output text | xargs -I {} bash -c 'if [[ $(aws s3api get-bucket-acl --bucket {} --query '"'"'Grants[?Grantee.URI==`http://acs.amazonaws.com/groups/global/AllUsers` && Permission==`READ`]'"'"' --output text) ]]; then aws s3api put-bucket-acl --acl "private" --bucket {} ; fi'



1. List all of the user's buckets, and output the name, as text.

@apolloclark
apolloclark / devsecops.md
Last active Aug 17, 2020
DevSecOps Overview
View devsecops.md

Overview

DevSecOps has finally become popular within the wider IT industry in 2019. I started as a web developer in 2001, learned about testing automation, system deployment automation, and "infrastructure as code" in 2012, when DevOps has becoming a popular term. DevOps became common after the release of The Phoenix Project in Jan 2013. It has taken 7 years for security to become integrated within the devops methodology. The following is a list of concepts I go through with project owners, project managers, operations, developers, and security teams, to help establish how mature their devops and security automation is, and to help them increase that maturity over time.

Criticality

PII and public facing = high
PII and internal facing = medium
no PII and public facing = medium
no PII and internal facing = low

View mysql cheatsheet.md

MySQL Cheatsheet

This is a collection of the most common commands I run while administering Mysql databases. The variables shown between the open and closed tags, "<" and ">", should be replaced with a name you choose. Mysql has multiple shortcut functions, starting with a forward slash, "". Any SQL command that is not a shortcut, must end with a semicolon, ";". You can use the keyboard UP and DOWN keys to scroll the history of previous commands you've run.

Setup

installation, Ubuntu 14.04

https://help.ubuntu.com/14.04/serverguide/mysql.html

sudo apt-get update
@apolloclark
apolloclark / Kali Linux 2016.2 - Metasploitable Tutorial.md
Last active Jun 23, 2020
Kali Linux 2016.2 - Metasploitable Tutorial
View Kali Linux 2016.2 - Metasploitable Tutorial.md

Metasploitable Tutorial

https://www.kali.org/downloads/
https://sourceforge.net/projects/metasploitable/
https://community.rapid7.com/docs/DOC-1875

1. create "Host-only Adapter"

You can’t perform that action at this time.