Gordon Young gjyoung1974

View custom-osx.plist
<!-- This file is modified by @sickcodes from -->
<!-- The modifications are placeholders for: {{DEVICE_MODEL}}, {{SERIAL}}, {{BOARD_SERIAL}}, {{UUID}}, {{ROM}}, {{WIDTH}}, {{HEIGHT}} -->
<!-- All credit for this file -->
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
<plist version="1.0">
View Dockerfile
# Customize Kolide Fleet by adding FluentBit
# Buildtime container:
FROM debian:buster as builder
LABEL maintainer=""
LABEL purpose="osquery"
gjyoung1974 / gist:71e253ef3b858081e9d369037148768c
Created Sep 22, 2020
View gist:71e253ef3b858081e9d369037148768c
from __future__ import division
from __future__ import print_function
import random
import functools
# 12th Mersenne Prime
# (for this application we want a known prime number as close as
View Dockerfile.spigot
# base layer
FROM debian:stable AS builder
# Get current & install Java, curl
RUN apt-get -y update && apt-get -y upgrade
RUN apt-get -y install git openjdk-11-jre-headless curl
# Run spigot as spigot user
RUN useradd spigot && mkdir -p /home/spigot
RUN usermod -a -G spigot spigot
Implements an RFC 5424 compliant SysLog agent/client on MSFT Windows Server.
We live in an Internet world, Windows needs Syslog for WinEVT...
import socket
import json
import win32con
import win32event
View windows_syslog_agent.ps1
# [!] Windows Syslog Agent/Client
# [$] Forward Windows Events via UDP in JSON format, designed for compatibility with Syslog/Rsyslog
# [$] Written: Gordon Young
function getStatus () {
$ip = ''
$offlineLogs = 'C:\Windows\Temp\queued.log'
import subprocess
import docker
from kubernetes import client, config
from tenable.cs import ContainerSecurity
from jira import JIRA
dockerClient = docker.from_env()
v1 = client.CoreV1Api()
gjyoung1974 /
Last active Jun 22, 2020
Get Google Container Registry image vulnerabilities
#!/bin/env python3
from datetime import date, datetime
import json
import logging
import subprocess
# Get all the Docker images in the repository
import uuid
from datetime import date
#!/bin/env python
import pickle
import fnmatch
import os # For Raspi hardware + Find OS Path for images
import pygame
# why do we need *?
from pygame import *
from time import sleep
gjyoung1974 / alerting_rules.yaml
Created May 20, 2020
Prometheus alert rules for sysdig falco events
View alerting_rules.yaml
## Prometheus server ConfigMap entries
## Alerts configuration
## Ref:
- name: security