Skip to content

Instantly share code, notes, and snippets.

View l1ahim's full-sized avatar
🎯
Focusing

Catalinux l1ahim

🎯
Focusing
2 followers · 10 following
  • Timisoara
View GitHub Profile
@l1ahim
l1ahim / bash_aws_jq_cheatsheet.sh
Created March 25, 2019 14:50 — forked from lukeplausin/bash_aws_jq_cheatsheet.sh
AWS, JQ and bash command cheat sheet. How to query, cut and munge things in JSON generally.
# Count total EBS based storage in AWS
aws ec2 describe-volumes | jq "[.Volumes[].Size] | add"
# Count total EBS storage with a tag filter
aws ec2 describe-volumes --filters "Name=tag:Name,Values=CloudEndure Volume qjenc" | jq "[.Volumes[].Size] | add"
# Describe instances concisely
aws ec2 describe-instances | jq '[.Reservations | .[] | .Instances | .[] | {InstanceId: .InstanceId, State: .State, SubnetId: .SubnetId, VpcId: .VpcId, Name: (.Tags[]|select(.Key=="Name")|.Value)}]'
# Wait until $instance_id is running and then immediately stop it again
aws ec2 wait instance-running --instance-id $instance_id && aws ec2 stop-instances --instance-id $instance_id
# Get 10th instance in the account
@l1ahim
l1ahim / gist:c505f43326385ebe8a313e2c5324f12c
Created March 26, 2019 11:33 — forked from hummus/gist:8592113
aws cli + jq example
wget http://stedolan.github.io/jq/download/linux64/jq
aws ec2 describe-instances --filters "Name=tag:Name,Values=$NAME" \
"Name=instance-state-name,Values=running" \
| jq -r \
".Reservations[] | .Instances[] | .InstanceId" \
aws ec2 describe-volumes --filters \
"Name=status,Values=available" \
| jq -r ".Volumes[] | .VolumeId" \
@l1ahim
l1ahim / snapshots.py
Created March 26, 2019 15:54 — forked from Eyjafjallajokull/README.md
AWS EBS - Find unused snapshots - this script generates csv raport about snapshot usage
import re
import boto3
import csv
from botocore.exceptions import ClientError
ec2 = boto3.client('ec2')
def get_snapshots():
return ec2.describe_snapshots(OwnerIds=['self'])['Snapshots']
@l1ahim
l1ahim / docker-cleanup-resources.md
Created May 11, 2019 08:18 — forked from bastman/docker-cleanup-resources.md
docker cleanup guide: containers, images, volumes, networks

Docker - How to cleanup (unused) resources

Once in a while, you may need to cleanup resources (containers, volumes, images, networks) ...

delete volumes

// see: https://github.com/chadoe/docker-cleanup-volumes

$ docker volume rm $(docker volume ls -qf dangling=true)

$ docker volume ls -qf dangling=true | xargs -r docker volume rm

@l1ahim
l1ahim / Kubernetes vagrant cluster
Created July 5, 2019 19:54 — forked from walidshaari/Kubernetes vagrant cluster
Completion
install bash-completion package
kubeadm completion bash|tee /etc/bash_completion.d/kubeadm
kubectl completion bash|tee /etc/bash_completion.d/kubectl
Bootstrapping the master node "Kubernetes control panel" :
kubeadm init --apiserver-advertise-address=192.168.205.10 --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.6.2
## for calico default is 192.168.0.0/16 for flannel it is 10.244.0.0/16, not sure what needs to be done to vagrant for ips not clash
@l1ahim
l1ahim / configure_kubernetes_centos.sh
Created July 10, 2019 12:21 — forked from chiradeep/configure_kubernetes_centos.sh
#!/bin/bash
set -x
master_ip=$1
ipaddr=$(ip addr show dev eth0 | grep "inet " | cut -d ' ' -f 6 | cut -f 1 -d '/')
is_master=${2:-"true"}
[ -n "$master_ip" ] || exit 1
@l1ahim
l1ahim / ovh_centos7.sh
Created August 8, 2019 07:56 — forked from danidiaz/ovh_centos7.sh
OVH centos 7 post-install script.
#! /bin/bash
# http://linuxcommand.org/wss0150.php
function error_exit
{
echo "$1" 1>&2
exit 1
}
# http://unix.stackexchange.com/questions/70859/why-doesnt-sudo-su-in-a-shell-script-run-the-rest-of-the-script-as-root
@l1ahim
l1ahim / SIEMple_SIEM_questionnaire_and_tests.md
Created February 7, 2020 13:13 — forked from 7MinSec/SIEMple_SIEM_questionnaire_and_tests.md
Some simple security tests you can run to test the effectiveness of your SIEM

Introduction

In episode 338 of the 7 Minute Security podcast, I talked about a recent engagement where I helped a customer do a bit of a SIEM solution bake-off. This gist is the companion to that episode, and is broken down into the following two sections:

  • Questionnaire - a series of questions you can ask SIEM vendors to gather as many data points about their products and services as possible

  • SIEM tests - a few tests you can conduct on your internal/external network to see if your SIEM solution indeed coughs up alerts on some things it should indeed whine about

Questionnaire

Introduction / Purpose

@l1ahim
l1ahim / AWS Security Resources
Created March 19, 2020 13:59 — forked from chanj/AWS Security Resources
AWS Security Resources
INTRO
I get asked regularly for good resources on AWS security. This gist collects some of these resources (docs, blogs, talks, open source tools, etc.). Feel free to suggest and contribute.
Short Link: http://tiny.cc/awssecurity
Official AWS Security Resources
* Security Blog - http://blogs.aws.amazon.com/security/
* Security Advisories - http://aws.amazon.com/security/security-bulletins/
* Security Whitepaper (AWS Security Processes/Practices) - http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
* Security Best Practices Whitepaper - http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf
@l1ahim
l1ahim / wget.sh
Created April 20, 2020 15:16 — forked from crittermike/wget.sh
Download an entire website with wget, along with assets.
# One liner
wget --recursive --page-requisites --adjust-extension --span-hosts --convert-links --restrict-file-names=windows --domains yoursite.com --no-parent yoursite.com
# Explained
wget \
--recursive \ # Download the whole site.
--page-requisites \ # Get all assets/elements (CSS/JS/images).
--adjust-extension \ # Save files with .html on the end.
--span-hosts \ # Include necessary assets from offsite as well.
--convert-links \ # Update links to still work in the static version.