Shiyayo cyhook

@cyhook
cyhook / Jenkinsfile.groovy
Created November 21, 2022 12:36 — forked from Faheetah/Jenkinsfile.groovy
Jenkinsfile idiosyncrasies with escaping and quotes
node {
echo 'Results included as an inline comment exactly how they are returned as of Jenkins 2.121, with $BUILD_NUMBER = 1'
echo 'No quotes, pipeline command in single quotes'
sh 'echo $BUILD_NUMBER' // 1
echo 'Double quotes are silently dropped'
sh 'echo "$BUILD_NUMBER"' // 1
echo 'Even escaped with a single backslash they are dropped'
sh 'echo \"$BUILD_NUMBER\"' // 1
echo 'Using two backslashes, the quotes are preserved'
sh 'echo \\"$BUILD_NUMBER\\"' // "1"
@cyhook
cyhook / Security_Onion_MIME_Types.list
Last active March 3, 2020 07:30 — forked from adamfisher/MIME Extension Mappings.xml
Maps file extensions to MIME types.
["application/x-dosexec"] = "exe",
["text/x-python"] = "py",
["application/x-tar"] = "tar",
["text/plain"] = "txt",
["application/zip"] = "zip",
["multipart/x-zip"] = "zip",
["multipart/x-gzip"] = "gzip",
["text/x-script.python"] = "py",
["application/x-bytecode.python"] = "pyc",
["audio/x-mpeg"] = "mp3",
@cyhook
cyhook / configure_bro_json-logs.sh
Created August 3, 2019 10:42 — forked from dcode/configure_bro_json-logs.sh
This snippet configures bro to write logs out in JSON instead of the tab-delimited format. It also configures it to use ISO8601 timestamps instead of unix epoch time.
## Configure bro to write JSON logs
mkdir -p /opt/bro/share/bro/site/scripts
sudo tee /opt/bro/share/bro/site/scripts/json-logs.bro << EOF
@load tuning/json-logs
redef LogAscii::json_timestamps = JSON::TS_ISO8601;
redef LogAscii::use_json = T;
EOF
sudo tee -a /opt/bro/share/bro/site/local.bro << EOF
@cyhook
cyhook / nginx.conf
Created September 3, 2018 06:35 — forked from plentz/nginx.conf
Best nginx configuration for improved security (and performance). Complete blog post here: http://tautt.com/best-nginx-configuration-for-security/
# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
@cyhook
cyhook / api_client.php
Created June 27, 2018 17:09 — forked from nuxsmin/api_client.php
Basic (very) CURL client to connect to sysPass API
<?php
$data = [
'jsonrpc' => '2.0',
'method' => 'backup',
'params' => [
'authToken' => 'PUT_YOUR_TOKEN_HERE',
// 'id' => '11',
// 'userPass' => 'debian',
// 'text' => 'Keepass',
@cyhook
cyhook / create-mysql.bash
Created June 27, 2018 07:15 — forked from omeinusch/create-mysql.bash
Simple bash script to create mysql db, user with generated password
#!/bin/bash
PASS=`pwgen -s 40 1`
mysql -uroot <<MYSQL_SCRIPT
CREATE DATABASE $1;
CREATE USER '$1'@'localhost' IDENTIFIED BY '$PASS';
GRANT ALL PRIVILEGES ON $1.* TO '$1'@'localhost';
FLUSH PRIVILEGES;
MYSQL_SCRIPT
@cyhook
cyhook / grafana-backup.sh
Created June 13, 2018 09:54 — forked from sithu/grafana-backup.sh
Grafana sqlite backup script
cat /usr/share/grafana/grafana-backup.sh
#!/bin/bash
DB="/var/lib/grafana/grafana.db"
BACKUP="/data/backup/grafana/grafana.db-$(date +%Y%m%d).bck"
SQLITE=/usr/bin/sqlite3
ZIP=/bin/gzip
${SQLITE} ${DB} ".backup ${BACKUP}"
${ZIP} ${BACKUP}
@cyhook
cyhook / wmic-install
Last active May 3, 2018 17:27 — forked from rickheil/wmic-install
installing wmic for linux
#!/bin/bash
# compiles WMIC for linux
apt-get install autoconf
cd /usr/src
wget http://www.openvas.org/download/wmi/wmi-1.3.14.tar.bz2
bzip2 -cd wmi-1.3.14.tar.bz2 | tar xf -
cd wmi-1.3.14/
@cyhook
cyhook / ELK_stack.md
Created January 27, 2018 15:52 — forked from rahulwa/ELK_stack.md
TODO in production for ELK stack

TODO in production -

Elasticsearch

  • select large memory instance
    • A machine with 64 GB of RAM is the ideal sweet spot, but 32 GB and 16 GB machines are also common. Less than 8 GB tends to be counterproductive (you end up needing many, many small machines), and greater than 64 GB has problems.
    • In general, it is better to prefer medium-to-large boxes.
  • create swap using instance store disk, not EBS.
  • Disks should be SSD and IOPS
  • cfq (the default I/O scheduler in *nix) is inefficient for SSDs, since there are no spinning platters involved; deadline or noop should be used instead. The deadline scheduler optimizes based on how long writes have been pending, while noop is just a simple FIFO queue.
@cyhook
cyhook / gist:f9ed660c7ac50e8e0ca353c6e6cf19b5
Last active September 28, 2017 12:31 — forked from alokjani/gist:d9eda34a1b5ab70a50e8
Howto - Ubuntu 14.04 with Request Tracker and RT for Incident Response

Ubuntu 14.04, Request Tracker (RT) rt-4.2.14, RT for Incident Response (RTIR) 4.0.0

Request Tracker Installation

export http_proxy="http://10.x.x.x:3128"
export https_proxy="http://10.x.x.x:3128"