Skip to content

Instantly share code, notes, and snippets.

View drewchurch's full-sized avatar

drew drewchurch

5 followers · 0 following
View GitHub Profile
@drewchurch
drewchurch / HA-Recteq.md
Created December 30, 2022 06:20
HomeAssistant + Recteq + RT-700 (Bull)

HomeAssistant + Recteq + RT-700 ("The Bull")

Overview

This will quickly describe some of the steps needed to get the recteq configured in the latest versions of HA & (Local)Tuya.

If configured, you will be able to:

  • Display Current and Target Temperatures, Probe A & B Temperatures
  • Turn Smoker on and off
  • Set Target Temperature NEW
@drewchurch
drewchurch / cve-2022-26134-volexity-iocs.csv
Created June 3, 2022 18:46
IP Lookup for IoCs from Volexity. Source: https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
We can make this file beautiful and searchable if this error is corrected: No commas found in this CSV file in line 0.
ip
154.146.34.145
154.16.105.147
156.146.34.46
156.146.34.52
156.146.34.9
156.146.56.136
198.147.22.148
198.147.22.148
221.178.126.244
@drewchurch
drewchurch / check_kv_store.py
Created June 2, 2022 16:21
Useful for checking the kvstore status across a series of Splunk Enterprise hosts. Used for testing at scale for events and workshops.
from urllib.request import HTTPBasicAuthHandler
import requests,json, csv
from requests.auth import HTTPBasicAuth
from argparse import ArgumentParser
parser = ArgumentParser(description="Checks the status of the KVStore for targeted systems for use with workshops & demos.")
parser.add_argument(
"-i",
"--input",
default=None,
@drewchurch
drewchurch / find-cve-in-security-content.py
Last active April 27, 2022 21:51
Find CVEs tagged in Splunk Security Content (splunk/security_content) and Check Against CISA's List
from operator import truediv
import yaml, requests, json
from pathlib import Path
from argparse import ArgumentParser
import re
cisaUrl = 'https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json'
knownBadCVEs = []
parser = ArgumentParser()
@drewchurch
drewchurch / aa21-200a_splunk_detection.json
Created July 19, 2021 16:44
{
"name": "AA21-200A Splunk Security Content",
"versions": {
"attack": "9",
"navigator": "4.3",
"layer": "4.2"
},
"domain": "enterprise-attack",
"description": "",
"filters": {
@drewchurch
drewchurch / keybase.md
Created June 17, 2021 02:34
keybase.md

Keybase proof

I hereby claim:

  • I am drewchurch on github.
  • I am drewchurch (https://keybase.io/drewchurch) on keybase.
  • I have a public key ASA2r1EeOWwqc-G-jmdonGpyreYEXC2dRikOHkXtOCTDEAo

To claim this, I am signing this object: