Skip to content

Instantly share code, notes, and snippets.

View avoidik's full-sized avatar

Viacheslav Vasilyev avoidik

16 followers · 4 following
View GitHub Profile
@ajpc500
ajpc500 / log-forwarding-with-etw.ps1
Last active June 29, 2023 01:31
Quick-and-dirty PowerShell script to install Sysmon (SwiftOnSecurity config), SilkService and Winlogbeat, and forward logs to HELK based on IP set in environment variable "HELK_IP" (see Line 224).
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$wc = New-Object System.Net.WebClient
if (!(Test-Path "C:\Tools")) {
New-Item -Path "C:\" -Name "Tools" -ItemType "directory"
}
# SYSMON
# Download Sysmon
$SysmonDirectory = "C:\Tools\Sysmon\"
@iann0036
iann0036 / gist:b473bbb3097c5f4c656ed3d07b4d2222
Last active April 28, 2024 11:47
List of expensive / long-term effect AWS IAM actions
route53domains:RegisterDomain
route53domains:RenewDomain
route53domains:TransferDomain
ec2:ModifyReservedInstances
ec2:PurchaseHostReservation
ec2:PurchaseReservedInstancesOffering
ec2:PurchaseScheduledInstances
rds:PurchaseReservedDBInstancesOffering
dynamodb:PurchaseReservedCapacityOfferings
s3:PutObjectRetention
@oximenvn
oximenvn / disable.sh
Last active February 25, 2022 09:11
Script disable bloatware, ads of Fire HD 10 2019
#Must to install new laucher before runing script
while read p; do
echo "adb shell pm disable-user $p"
adb shell pm disable-user "$p" 0>/dev/null
#adb shell pm enable "$p" 0>/dev/null
done <ok-1430.txt
# Turn off update for amazon app dont return
adb shell pm disable-user com.amazon.settings.systemupdates
@ajkerrigan
ajkerrigan / AWS User Info Bookmarklet.md
Created August 6, 2019 16:55
AWS User Info Bookmarklet

Current User Info Bookmarklet for the AWS Console

When logged into the AWS web console it can be helpful to quickly see details of your current identity. This can include:

  • An ARN
  • Your current account alias
  • Issuer info, indicating tools such as aws-vault
  • Your username, which may include a role session name

This bookmarklet is a simple way to parse that information out of the aws-userInfo cookie and return it as pretty printed JSON.

@ruzickap
ruzickap / create_kubernetes_cluster.sh
Last active April 28, 2019 09:25
Create Kubernetes Cluster using Kubespray
# Create Virtual env for Kubespray and make it active
virtualenv --system-site-packages kubespray_virtenv
source kubespray_virtenv/bin/activate
# Install Ansible and Kubespray to virtualenv
pip install kubespray
# Create kubespray config file
cat > ~/.kubespray.yml << EOF
kubespray_git_repo: "https://github.com/kubespray/kubespray.git"
@Karreg
Karreg / docker-cleanup.sh
Last active October 28, 2020 07:08
Script to cleanup Docker leftovers, related to https://github.com/moby/moby/issues/22207
#!/bin/bash
echo "WARN: This will remove everything from docker: volumes, containers and images. Will you dare? [y/N] "
read choice
if [ \( "$choice" == "y" \) -o \( "$choice" == "Y" \) ]
then
sudo echo "> sudo rights [OK]"
sizea=`sudo du -sh /var/lib/docker/aufs`
@richardjortega
richardjortega / curl_rest_api.md
Last active March 2, 2021 14:14
cURL REST API for Azure Resource Manager (ARM)

Using cURL and Azure REST API to access Azure Resource Manager (non-interactive)

Note: This guide assumes Azure CLI 2.0 is installed and familiarity with Azure concepts.

Register Client App and Obtain Service Principal (via CLI)

The APP_ID_URI needs to match what is expected in client request calls.

$ az ad sp create-for-rbac --name [APP_ID_URI] --password [PASSWORD]
@jasonjoh
jasonjoh / sendactionablemessage.py
Last active October 17, 2023 12:45
A sample Python script that sends an actionable message via the Office 365 SMTP server.
#! /usr/local/bin/python
"""Sends an actionable message to yourself
Usage: 'sendactionablemessage.py -u <username> -p <password>'
"""
import sys
import getopt
from smtplib import SMTP as SMTP
from email.mime.text import MIMEText
@ageis
ageis / systemd_service_hardening.md
Last active May 4, 2024 15:57
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@mathieu-benoit
mathieu-benoit / Deploy-Default-Sitecore-8-2-1-XM.ps1
Last active August 27, 2018 18:51
Powershell to deploy the default Sitecore XM ARM Template on Azure
# PowerShell script to deploy Sitecore 8.2.1 XM default ARM Template.
# Located here: https://raw.githubusercontent.com/Sitecore/Sitecore-Azure-Quickstart-Templates/master/Sitecore%208.2.1/xm
Param(
[string] [Parameter(Mandatory=$true)] $SubscriptionId,
[string] [Parameter(Mandatory=$true)] $ResourceGroupName,
[string] $ResourceGroupLocation = "East US",
[string] $TemplateFile = "https://raw.githubusercontent.com/Sitecore/Sitecore-Azure-Quickstart-Templates/master/Sitecore%208.2.1/xm/azuredeploy.json",
[string] [Parameter(Mandatory=$true)] $LicenseFile,
[string] $CdMsDeployPackageUrl = 'TO_REPLACE',