James Hale jmhale

## ec2_enc_status.py
import boto3
from prettytable import PrettyTable

def get_unencrypted_volumes():
    ec2 = boto3.client('ec2')

    # Retrieve all EBS volumes in the AWS account
    response = ec2.describe_volumes()
    volumes = response['Volumes']

## halelab_root.crt
-----BEGIN CERTIFICATE-----
MIIBmjCCAUGgAwIBAgIQd+fPMrhLpyhDsvVxt7vFxjAKBggqhkjOPQQDAjAsMRAw
DgYDVQQKEwdIYWxlTGFiMRgwFgYDVQQDEw9IYWxlTGFiIFJvb3QgQ0EwHhcNMjEx
MjExMTQzNTU5WhcNMzExMjA5MTQzNTU5WjAsMRAwDgYDVQQKEwdIYWxlTGFiMRgw
FgYDVQQDEw9IYWxlTGFiIFJvb3QgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
AAQ9p/w81fRL3b0iJRKV5dbvZHiExMmpmMM3FnRIjm2Rsp5VCxG3ApI6/i2F+Lvb
FqNLbQpowwckKQ+3KTNEkO5+o0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/
BAgwBgEB/wIBATAdBgNVHQ4EFgQUltQxmEX8Z57c+F7QKjNP59iCVbowCgYIKoZI
zj0EAwIDRwAwRAIgDXzAE1p5zyMH6jnBtDX5xHas5UU3lwHLwjGmHMss3OgCIAMA
Iy774y3w2SAQ6u83tC2BkJ0NoufyU6/S2MetSRzQ

## metar-taf.sh
 # Functions to get METAR/TAFs from checkwx.com. Defaults to KDCA for both.
 function metar() {
     if [ "$1" != "" ]
     then
         curl "https://api.checkwx.com/bot/metar/$1?x-api-key=$CHECK_WX_API_KEY"
     else
         curl "https://api.checkwx.com/bot/metar/KDCA?x-api-key=$CHECK_WX_API_KEY"
     fi
 }

## gist:805a85e6b3b7762041c92dea8d3da95f
# Unbound to Pihole
cat unbound/etc-unbound/a-records.conf | awk '{print $4 " " $2}'| tr -d \" | sed 's/\.$//' > pihole/etc-pihole/custom.list

# Pihole to Unbound
cat pihole/etc-pihole/custom.list | awk '{print "local-data: \""$2". A "$1"\""}' > unbound/etc-unbound/a-records.conf

## resume.json
{
  "basics": {
    "name": "James Hale",
    "label": "Security Engineering Manager at Salesforce",
    "image": "https://hale.dev/assets/images/profile.jpg",
    "email": "james@hale.dev",
    "url": "https://hale.dev",
    "summary": "Cloud security engineer with over fourteen years of experience, specializing in architecting and deploying secure and scalable systems with high availability, using cloud-based and on-premises infrastructure resources, including hybrid solutions.\n\nDevOps and security-focused. Experienced in Agile methodologies, including Scrum and Kanban.\n\nSpecialties include: AWS, VMware, networking, automation and security.",
    "profiles": [
      {

## install-doh.sh
wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-arm.tgz
tar -xvzf cloudflared-stable-linux-arm.tgz
sudo cp ./cloudflared /usr/local/bin
sudo chmod +x /usr/local/bin/cloudflared

useradd -s /usr/sbin/nologin -r -M cloudflared
cat

cat <<EOF > /etc/default/cloudflared
# Commandline args for cloudflared

## parse_junitxml.py
'''
Parses JUnit XML results from Checkov
'''

import os
import html
from junitparser import JUnitXml, Failure, Skipped, Error

PRINT_NO_FAILS = False

## aws_instances_with_events.sh
aws ec2 describe-instance-status --query 'InstanceStatuses[?length(Events || `[]`) > `0`]' | jq -r '.[] | "\(.InstanceId)\t\(.Events[].Code)"'

## gist:6b699c6523a89f8a3b941198b5fd3d90
aws ec2 describe-instances --query "Reservations[*].Instances[*].{IPAddress:PrivateIpAddress,Name:Tags[?Key=='Name']|[0].Value,Status:State.Name}" --filters Name=instance-state-name,Values=running --output table

## git-check.sh
find . -type d -name '.git' | while read dir ; do sh -c "cd $dir/../ && git status -s | grep -q [azAZ09] && echo ---- ${dir//\.git/} ---- && git status -s" ; done
	import boto3
	from prettytable import PrettyTable

	def get_unencrypted_volumes():
	ec2 = boto3.client('ec2')

	# Retrieve all EBS volumes in the AWS account
	response = ec2.describe_volumes()
	volumes = response['Volumes']
	-----BEGIN CERTIFICATE-----
	MIIBmjCCAUGgAwIBAgIQd+fPMrhLpyhDsvVxt7vFxjAKBggqhkjOPQQDAjAsMRAw
	DgYDVQQKEwdIYWxlTGFiMRgwFgYDVQQDEw9IYWxlTGFiIFJvb3QgQ0EwHhcNMjEx
	MjExMTQzNTU5WhcNMzExMjA5MTQzNTU5WjAsMRAwDgYDVQQKEwdIYWxlTGFiMRgw
	FgYDVQQDEw9IYWxlTGFiIFJvb3QgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
	AAQ9p/w81fRL3b0iJRKV5dbvZHiExMmpmMM3FnRIjm2Rsp5VCxG3ApI6/i2F+Lvb
	FqNLbQpowwckKQ+3KTNEkO5+o0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/
	BAgwBgEB/wIBATAdBgNVHQ4EFgQUltQxmEX8Z57c+F7QKjNP59iCVbowCgYIKoZI
	zj0EAwIDRwAwRAIgDXzAE1p5zyMH6jnBtDX5xHas5UU3lwHLwjGmHMss3OgCIAMA
	Iy774y3w2SAQ6u83tC2BkJ0NoufyU6/S2MetSRzQ
	# Functions to get METAR/TAFs from checkwx.com. Defaults to KDCA for both.
	function metar() {
	if [ "$1" != "" ]
	then
	curl "https://api.checkwx.com/bot/metar/$1?x-api-key=$CHECK_WX_API_KEY"
	else
	curl "https://api.checkwx.com/bot/metar/KDCA?x-api-key=$CHECK_WX_API_KEY"
	fi
	}
	# Unbound to Pihole
	cat unbound/etc-unbound/a-records.conf \| awk '{print $4 " " $2}'\| tr -d \" \| sed 's/\.$//' > pihole/etc-pihole/custom.list

	# Pihole to Unbound
	cat pihole/etc-pihole/custom.list \| awk '{print "local-data: \""$2". A "$1"\""}' > unbound/etc-unbound/a-records.conf
	{
	"basics": {
	"name": "James Hale",
	"label": "Security Engineering Manager at Salesforce",
	"image": "https://hale.dev/assets/images/profile.jpg",
	"email": "james@hale.dev",
	"url": "https://hale.dev",
	"summary": "Cloud security engineer with over fourteen years of experience, specializing in architecting and deploying secure and scalable systems with high availability, using cloud-based and on-premises infrastructure resources, including hybrid solutions.\n\nDevOps and security-focused. Experienced in Agile methodologies, including Scrum and Kanban.\n\nSpecialties include: AWS, VMware, networking, automation and security.",
	"profiles": [
	{
	wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-arm.tgz
	tar -xvzf cloudflared-stable-linux-arm.tgz
	sudo cp ./cloudflared /usr/local/bin
	sudo chmod +x /usr/local/bin/cloudflared

	useradd -s /usr/sbin/nologin -r -M cloudflared
	cat

	cat <<EOF > /etc/default/cloudflared
	# Commandline args for cloudflared
	'''
	Parses JUnit XML results from Checkov
	'''

	import os
	import html
	from junitparser import JUnitXml, Failure, Skipped, Error

	PRINT_NO_FAILS = False