Gordon Young gjyoung1974

View aws_cli_cheat_sheet.txt
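# Count total EBS based storage in AWS (sum of the Size field, which EC2 reports in GiB).
# Uses whatever credentials, profile and region the AWS CLI is currently configured with.
aws ec2 describe-volumes | jq '[.Volumes[].Size] | add'
# Count total EBS storage with a tag filter
aws ec2 describe-volumes --filters "Name=tag:Name,Values=CloudEndure Volume qjenc" | jq '[.Volumes[].Size] | add'
# Describe instances concisely.
# Tags may be absent and a Name tag is optional; fall back to null so untagged
# instances still show up in the inventory instead of being dropped or aborting jq.
aws ec2 describe-instances | jq '[.Reservations[].Instances[] | {
  InstanceId,
  State,
  SubnetId,
  VpcId,
  Name: (.Tags // [] | map(select(.Key == "Name")) | first | .Value)
}]'
# Wait until $instance_id is running and then immediately stop it again.
# The variable is quoted so an empty or whitespace-containing value cannot change
# which arguments the CLI receives; --instance-ids is the documented option name.
aws ec2 wait instance-running --instance-ids "$instance_id" && aws ec2 stop-instances --instance-ids "$instance_id"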
# Get 10th instance in the account
View Dockerfile
# Customize Kolide Fleet by adding Fluent Bit
# Build-time container:
# NOTE(review): debian:buster is a mutable tag, so two builds can resolve to different
# images; pin by digest if the build must be reproducible. Buster (Debian 10) is also
# past its end of security support -- confirm and move to a supported release.
FROM debian:buster as builder
# The maintainer label is left empty here; purpose records what the image is for.
LABEL maintainer=""
LABEL purpose="osquery"
gjyoung1974 / gist:71e253ef3b858081e9d369037148768c
Created Sep 22, 2020
View gist:71e253ef3b858081e9d369037148768c
from __future__ import division
from __future__ import print_function
import random
import functools
# 12th Mersenne Prime
# (for this application we want a known prime number as close as
Implements an RFC 5424 compliant SysLog agent/client on MSFT Windows Server.
We live in an Internet world, Windows needs Syslog for WinEVT...
import socket
import json
import win32con
import win32event
View Dockerfile.spigot
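# base layer
# NOTE(review): debian:stable is a moving tag; the release it points at changes over
# time, and openjdk-11-jre-headless may not be packaged in the current one. Pin a
# specific release (and ideally a digest) so the build is reproducible.
FROM debian:stable AS builder
# Get current & install Java, curl
# update, upgrade and install share one RUN so a cached package index is never reused
# by a later install step; -y on upgrade keeps the non-interactive build from stopping
# at the confirmation prompt.
RUN apt-get -y update && apt-get -y upgrade \
    && apt-get -y install git openjdk-11-jre-headless curl
# Run spigot as spigot user
# NOTE(review): /home/spigot is created by root here and no chown is visible in this
# excerpt -- confirm the spigot user can write to it before dropping privileges.
RUN useradd spigot && mkdir -p /home/spigot
RUN usermod -a -G spigot spigot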
View windows_syslog_agent.ps1
# [!] Windows Syslog Agent/Client
# [$] Forward Windows Events via UDP in JSON format, designed for compatibility with Syslog/Rsyslog
# [$] Written: Gordon Young
function getStatus () {
$ip = ''
$offlineLogs = 'C:\Windows\Temp\queued.log'
import subprocess
import docker
from kubernetes import client, config
from tenable.cs import ContainerSecurity
from jira import JIRA
# Docker SDK client built from the process environment (DOCKER_HOST and related variables).
dockerClient = docker.from_env()
# Kubernetes core/v1 API client.
# NOTE(review): no config.load_kube_config()/load_incluster_config() call is visible in
# this excerpt -- confirm cluster configuration is loaded before this client is used.
v1 = client.CoreV1Api()
gjyoung1974 /
Last active Jul 24, 2020
# -*- coding: utf-8 -*-
# Gordon Young 2016
# This script demonstrates:
# 1. Authenticating to the Lieberman ERPM PAM / EPV API
# 3. Requesting & returning a password key by account & target ID
import ssl
gjyoung1974 /
Last active Jun 22, 2020
Get Google Container Registry image vulnerabilities
#!/bin/env python3
from datetime import date, datetime
import json
import logging
import subprocess
# Get all the Docker images in the repository
import uuid
from datetime import date
#!/bin/env python
import pickle
import fnmatch
import os # For Raspi hardware + Find OS Path for images
import pygame
# why do we need *?
from pygame import *
from time import sleep