Skip to content

Instantly share code, notes, and snippets.

View chrisdlangton's full-sized avatar

Chris (stof) Langton chrisdlangton

54 followers · 4 following
View GitHub Profile
@chrisdlangton
chrisdlangton / piplock.sh
Last active July 25, 2020 05:01
Python pip requirements.txt lock file
#!/usr/bin/env bash
CWD=$(pwd)
TMP_DIR=$1
if [[ $EUID -eq 0 ]]; then
echo -e "${RED}x${NC} This script must not be run as root"
exit 1
fi
if [ -z $(which python3) ]; then
@chrisdlangton
chrisdlangton / ssh_keys.txt
Created June 4, 2020 05:38
Public Key lists
# Likely just: curl -i <url>
# Github
https://github.com/<username>.keys
# Bitbucket
https://bitbucket.org/api/1.0/users/<accountname>/ssh-keys
@chrisdlangton
chrisdlangton / syscall2seccomp.py
Last active August 31, 2022 23:51
Automatically generate seccomp profile json by learning from container activity using sysdig
#!/usr/bin/env python3
import fileinput
import json
import argparse
SECCOMP_PROFILE = ('{"defaultAction": "SCMP_ACT_ERRNO",'
'"architectures": ['
'"SCMP_ARCH_X86_64",'
'"SCMP_ARCH_X86",'
@chrisdlangton
chrisdlangton / subdomains_csp.sh
Created January 13, 2020 18:33
extract subdomains from CSP http response headers
curl -s -I -L “https://$1" | grep -Ei ‘^Content-Security-Policy:’ | sed “s/;/;\\n/g”
@chrisdlangton
chrisdlangton / update-route53.sh
Last active February 1, 2020 02:51
Keep AWS Route53 ipv4 A and ipv6 AAAA records updated
#!/usr/bin/env bash
readonly LOG_FILE=${HOME}/route53.log
touch $LOG_FILE
exec 1>>$LOG_FILE
exec 2>&1
RED='\033[0;31m'
GREEN='\033[0;32m'
ORANGE='\033[0;33m'
@chrisdlangton
chrisdlangton / zap.sh
Last active December 25, 2019 05:05
easy owasp zap proxy on cli using docker and bash
#!/usr/bin/env bash
# Usage: /usr/local/bin/zap <target domain> <baseline|full-scan|api-scan> <arguments>
# environment variables;
# ZAP_EXTRA_ARGS Add more arguments to the zap python script
# ZAP_EXTRA_OPTS Add more options to the zap java proxy
# ZAP_WORKDIR Where to store logs and reports
# ZAP_DOCKER_NAME Name the docker container
TYPE=$2
@chrisdlangton
chrisdlangton / .gitconfig
Last active March 15, 2021 22:43
git-secrets for GCP Terraform Kube Ruby Python Linux etc
[secrets]
providers = git secrets --aws-provider
patterns = (A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}
patterns = (\"|')?(AWS|aws|Aws)?_?(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)(\"|')?\\s*(:|=>|=)\\s*(\"|')?[A-Za-z0-9/\\+=]{40}(\"|')?
patterns = (\"|')?(AWS|aws|Aws)?_?(ACCOUNT|account|Account)_?(ID|id|Id)?(\"|')?\\s*(:|=>|=)\\s*(\"|')?[0-9]{4}\\-?[0-9]{4}\\-?[0-9]{4}(\"|')?
allowed = AKIAIOSFODNN7EXAMPLE
allowed = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
patterns = private_key
patterns = client_email
patterns = private_key_id
@chrisdlangton
chrisdlangton / terraform_install.sh
Created December 8, 2019 08:52
Single command to install the latest version of Hahicorp Terraform for Linux amd64
echo "https://releases.hashicorp.com/terraform/$(curl -s https://checkpoint-api.hashicorp.com/v1/check/terraform | \
jq -r -M '.current_version')/terraform_$(curl -s https://checkpoint-api.hashicorp.com/v1/check/terraform | \
jq -r -M '.current_version')_linux_amd64.zip" | \
xargs wget -q -O temp.zip; \
unzip temp.zip; \
chmod +x terraform; \
sudo mv terraform /usr/local/bin/; \
rm temp.zip
@chrisdlangton
chrisdlangton / clone_all.sh
Last active February 13, 2020 03:20
Quick clone all org repos using Github Enterprise API v3
#!/usr/bin/env bash
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[0;33m'
NC='\033[0m' # No Color
if [[ $EUID -eq 0 ]]; then
echo -e "${RED}x${NC} This script must not be run as root"
exit 1
fi
@chrisdlangton
chrisdlangton / install_dependency-check.sh
Created November 17, 2019 14:02
Install OWASP dependency-check
#!/usr/bin/env bash
GREEN='\033[0;32m'
NC='\033[0m' # No Color
CUR_USER=$(whoami)
TARGET=$(pwd)/vendored
export DEPENDENCY_CHECK_VERSION=5.2.4
chown -R ${CUR_USER} /home/${CUR_USER}/.gnupg
find /home/${CUR_USER}/.gnupg -type f -exec chmod 600 {} \;