prabhu / Snippets
Last active Jan 31, 2021
A good browser detection logic
function detectBrowser(userAgent, language) {
var version, webkitVersion, iOSAgent, iOSDevice, iOSMajorVersion, iOSMinorVersion, browser = {};
userAgent = (userAgent || navigator.userAgent).toLowerCase();
language = language || navigator.language || navigator.browserLanguage;
version = browser.version = (userAgent.match(/.*(?:rv|chrome|webkit|opera|ie)[\/: ](.+?)([ \);]|$)/) || [])[1];
webkitVersion = (userAgent.match(/webkit\/(.+?) /) || [])[1];
iOSAgent = (userAgent.match(/\b(iPad|iPhone|iPod)\b.*\bOS (\d)_(\d)/i) || []);
iOSDevice = iOSAgent[1];
iOSMajorVersion = iOSAgent[2];
iOSMinorVersion = iOSAgent[3];
prabhu / gist:cbb786d01a85d6924cc8
Created Jan 27, 2015
Resume zsh for mac terminal (Tested on Yosemite)
# Originally found on - http://earthwithsun.com/questions/313650/resume-zsh-terminal-os-x-lion
# Tell the terminal about the working directory whenever it changes.
if [[ "$TERM_PROGRAM" == "Apple_Terminal" ]] && [[ -z "$INSIDE_EMACS" ]]; then
update_terminal_cwd() {
# Identify the directory using a "file:" scheme URL, including
# the host name to disambiguate local vs. remote paths.
# Percent-encode the pathname.
local URL_PATH=''
View gist:509d048561db92195600
# Mosh uses the UDP port range 60000-61000. The rule below opens the whole range; for added security, allow only port 60000 instead.
-A INPUT -p udp -m multiport --dports 60000:61000 -j ACCEPT
prabhu / org-scan.sh
Created May 30, 2020
Script to clone multiple repos from github and invoke ShiftLeft Scan
#!/usr/bin/env bash
# Script to clone repos from github and invoke ShiftLeft Scan
# You should have added your ssh public key to GitHub and have read access
# Create a PAT token for GitHub and store it as GITHUB_TOKEN env variable
# NOTE(review): how GITHUB_TOKEN is consumed is outside this excerpt; give the token
# only the scope needed to read the repositories and keep it out of logs and shell history.
# Remember the directory the script was started from before changing into work_dir.
CURR_DIR=$(pwd)
# reports_dir and work_dir are created relative to the starting directory;
# what is written into them is not visible in this excerpt.
mkdir -p reports_dir
# If mkdir fails, cd is skipped and later commands keep running in the starting
# directory (no `set -e` is visible in this excerpt).
mkdir -p work_dir && cd work_dir
# Get the latest scan image
# NOTE(review): the image is pulled without a tag or digest, so each run follows the
# mutable default tag. Pin a reviewed tag or shiftleft/scan@sha256:<digest> if the
# scanner version must be reproducible and auditable.
docker pull shiftleft/scan
prabhu / summary.py
Created May 30, 2020
Script to summarize all ShiftLeft Scan SAST reports
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from pathlib import Path
import json
# pip install jinja2
from jinja2 import Template
prabhu / inspect.sh
Last active Jun 3, 2020
Wrapper for ShiftLeft Inspect cli that just works
#!/bin/sh
# This script invokes Shiftleft Inspect on the current directory
{ # Prevent execution if this script was only partially downloaded
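# Refuse to run when the current directory is the user's HOME directory.
# Prints a hint on stdout and terminates the whole script with status 1 in that
# case; otherwise returns without output.
# NOTE(review): presumably this keeps the tool from analysing the entire home
# directory; the caller is outside this excerpt, so confirm.
check_app_dir() {
  # POSIX `[` defines only `=` for string equality. `==` is a bash/ksh extension
  # and makes the test fail under strict /bin/sh implementations such as dash,
  # which would silently disable this guard.
  if [ "$(pwd)" = "$HOME" ]; then
    echo Please run this command from within the application directory and not from your HOME directory
    exit 1
  fi
}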
download() {
prabhu / bom.xslt
Created Jun 4, 2020
XSLT to transform CycloneDX SBoM xml to Markdown
<xsl:stylesheet version="1.0" xmlns:bom="http://cyclonedx.org/schema/bom/1.1" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:output method="text" />
<xsl:template match="/">
<xsl:text>## Project dependencies</xsl:text>
<xsl:text>&#xa;&#xa;</xsl:text>
<xsl:text>| Vendor | Name | Version | License Id | </xsl:text>
<xsl:text>&#xa;</xsl:text>
<xsl:text>| -------|------|---------|------------|</xsl:text>
<xsl:text>&#xa;</xsl:text>
prabhu / git-scan.sh
Created Jun 26, 2020
Script to perform security scan of top repos on GitHub using ShiftLeft Scan. Use it to produce your own state of the opensource security reports.
#!/usr/bin/env bash
# Script to clone top repos on github based on language and invoke ShiftLeft Scan against the repos to find vulnerabilities
# Use case 1: Scan the top repos on GitHub and write a state of opensource report to criticize opensource!
# Use case 2: Scan the top repos on GitHub and sell your magical security product to guard organizations against opensource vulnerabilities!
# NOTE(review): the cloned repositories are third-party code; the clone and scan steps
# are outside this excerpt, so confirm they run without credentials or host mounts
# beyond the working directory.
# Remember the directory the script was started from before changing into work_dir.
CURR_DIR=$(pwd)
# reports_dir and work_dir are created relative to the starting directory.
mkdir -p reports_dir
# If mkdir fails, cd is skipped and later commands keep running in the starting
# directory (no `set -e` is visible in this excerpt).
mkdir -p work_dir && cd work_dir
# Get the latest scan image
# NOTE(review): no tag or digest is given, so results can change between runs as the
# image changes. Pin a tag or shiftleft/scan@sha256:<digest> if the findings are to
# be compared or published.
docker pull shiftleft/scan
prabhu / git-protect.tf
Created Jul 18, 2020
Protect github branches, mandate status checks with Terraform
# Protect the master branch: require the ci/tests and shiftleft status checks to pass before a merge is allowed
# Allow PR to be dismissed by sem-user and managers team
resource "github_branch_protection" "protect_master" {
repository = "${github_repository_name}"
branch = "master"
enforce_admins = true
require_signed_commits = false
required_status_checks {
strict = false
prabhu / github-actions-secret-tf
Created Jul 18, 2020
Create GitHub actions secret with Terraform
// Look up the existing repository that will receive the secret.
// var.poc_repo is declared outside this snippet; full_name is the "owner/name" form.
data "github_repository" "poc" {
full_name = var.poc_repo
}
// Create secrets in a single poc repo
// The secret is stored under the name SECRET_KEY in the repository resolved by
// data.github_repository.poc.
// NOTE(review): plaintext_value is written to the Terraform state file as well as
// sent to GitHub, so the state backend needs encryption at rest and tight access
// control. var.secret_value is declared outside this snippet; presumably it should
// be marked `sensitive = true` so plans and logs do not print it. Confirm.
resource "github_actions_secret" "my_secret" {
repository = data.github_repository.poc.name
secret_name = "SECRET_KEY"
plaintext_value = var.secret_value
}