Brad Davidson brandond

@brandond
brandond / vpc-flowlog
Last active September 18, 2023 03:41
logstash-grok-pattern-vpc-flow-log
# VPC Flow Log fields
# version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end action log-status
# http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-log-records
VPCFLOWLOG %{NUMBER:version:int} %{NUMBER:account-id} %{NOTSPACE:interface-id} %{NOTSPACE:srcaddr} %{NOTSPACE:dstaddr} %{NOTSPACE:srcport:int} %{NOTSPACE:dstport:int} %{NOTSPACE:protocol:int} %{NOTSPACE:packets:int} %{NOTSPACE:bytes:int} %{NUMBER:start:int} %{NUMBER:end:int} %{NOTSPACE:action} %{NOTSPACE:log-status}
brandond / kdf-pbkdf2.js
Last active October 18, 2020 13:24
PBKDF2 support for CryptoJS
#! /usr/bin/env node
'use strict';
var CryptoJS = require('crypto-js');
/**
* CryptoJS extensions for PBKDF2
*
* The OpenSSL formatter has a hardcoded salt size that is insufficient for use
* with this algorithm, and the Hex formatter does not serialize the salt at all.
brandond / __init__.py
Last active November 23, 2016 05:43
Evident ESP Python SDK sample
# Load API Keys from dotenv file
from dotenv import load_dotenv, find_dotenv
load_dotenv(find_dotenv())
# Raise items per page to max
from esp import settings
settings.settings.per_page = 100
# Add Unix CSV dialect
import csv
brandond / monkeypatch.py
Last active December 27, 2016 11:37
Improved Python monkeypatching for SOCKS proxy support
import os
import logging
from functools import wraps
from urlparse import urlparse
logger = logging.getLogger(__name__)
def socket_to_socks(module):
    try:
        import socks
brandond / squid
Last active September 18, 2019 18:14 — forked from hrchu/gist:0cc5e783387f5453f528
logstash-grok-pattern-squid
# Follows the squid format in default:
# logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un %Sh/%<a %mt
# http://www.squid-cache.org/Doc/config/logformat/
SQUID4 %{NUMBER:timestamp:float}\s+%{NUMBER:response_time:int} %{IPORHOST:src_ip} %{NOTSPACE:squid_request_status}/%{NUMBER:http_status_code:int} %{NUMBER:transfer_size:int} %{NOTSPACE:http_method} (%{URIPROTO:url_scheme}://)?(?<url_host>\S+?)(:%{INT:url_port})?(/%{NOTSPACE:url_path})?\s+%{NOTSPACE:client_identity}\s+%{NOTSPACE:peer_code}/%{NOTSPACE:peerhost}\s+%{NOTSPACE:content_type}
brandond / sslscan.py
Created March 25, 2017 09:02
Stupid simple Python SSL certificate chain scanner
#!/usr/bin/env python
from __future__ import print_function
import sys
import socket
import requests
import datetime
from OpenSSL import SSL, crypto
brandond / function.py
Last active February 6, 2023 21:09
Python script to auto-tag AWS EBS Snapshots and Volumes using AMI and Instance tags
import copy
import logging
import os
import boto3
logging.basicConfig(level=os.environ.get('LOG_LEVEL', 'INFO'))
ec2 = boto3.client('ec2')
logger = logging.getLogger(__name__)
brandond / kinesis-s3-splunk-gzip.py
Last active March 10, 2018 00:11
Proof-of-concept CLI tool to ingest CloudWatch Logs data archived via Kinesis Firehose from S3 into Splunk via the HTTP Event Collector
from __future__ import print_function, division
import gzip
import io
import logging
import sys
import tempfile
import zlib
import boto3
import click
brandond / fixtures.yaml.j2
Created February 1, 2019 20:37
esphomeyaml templates
esphomeyaml:
  name: fixture{{ID}}
  platform: ESP8266
  board: esp01_1m
  arduino_version: 2.4.2
  esphomelib_version: dev
  board_flash_mode: dout
  build_path: esp8266
  on_boot:
    if:
brandond / fastblink bootstrap success.txt
Created February 5, 2019 10:29
Neo Coolcam PIR sensor reverse-engineering