Skip to content

Instantly share code, notes, and snippets.


Scott Stout skout23

View GitHub Profile
skout23 /
Created Oct 13, 2020
A very quick/dirty scanner to look for secrets in calendar events
# Futures
from __future__ import print_function
# Built-in/Generic Imports
import datetime
import pickle
import os.path
import re
# Libs
skout23 / logs_insights_queries.txt
Created Feb 11, 2019
Scratch Pad ideas for Cloudtrail queries using AWS Cloudwatch Logs Insights
View logs_insights_queries.txt
filter eventName="ConsoleLogin"
| stats count(*) as eventCount by userIdentity.userName, sourceIPAddress
| sort eventCount desc
filter not sourceIPAddress =~ /^(?i) and userIdentity.userName =~/^(?i)\w/
| stats count(*) as eventCount by eventName, userIdentity.userName, sourceIPAddress
| sort eventCount desc
filter eventName="ConsoleLogin"
skout23 /
Created Feb 1, 2019
Get the latest size in bytes of all s3 buckets given a list of profiles
aws_profile=("default" "otherprofile");
# setting the expected date() format BSD style (macos)
start_time="$(date -v-2d '+%Y-%m-%d')"
end_time="$(date '+%Y-%m-%d')"
#loop AWS profiles array incase we provide more than 1 profile
for profile in "${aws_profile[@]}"; do
skout23 / buffer_overflow.c
Last active Apr 26, 2018
simple buffer_overflow for testing afl
View buffer_overflow.c
Compile with:
afl-gcc -fno-stack-protector -z execstack buffer_overflow.c -o buffer_overflow
gcc -fno-stack-protector -z execstack buffer_overflow.c -o buffer_overflow
#include <stdio.h>
#include <string.h>
View pyenv + virtualenv all the things
# should pick up pyenv as dep
brew install pyenv-virtualenv
# add to your .bash_profile or other .profile
eval "$(pyenv init -)"
eval "$(pyenv virtualenv-init -)"
# List available pythons versions
$ pyenv install -l
skout23 / too short.txt
Created Oct 4, 2015
Fixing suricata on 12.04 ubuntu
View too short.txt
aptitude install suricata
sudo modprobe nfnetlink_queue
View GeoIP Product Id's
ProductID Database
106 GeoIP.dat
111 GeoIPOrg.dat
112/115 GeoIPRegion.dat
117 GeoIPASNum.dat
119 GeoIPUserType.dat
121/122 GeoIPISP.dat
132/133 GeoIPCity.dat
135 GeoIPAreaCode.dat
137 GeoIPDMACode.dat
skout23 / mario.rb
Created Aug 7, 2015
quick poc to print out the mario half pyramid
View mario.rb
#!/usr/bin/env ruby
# quick poc to print out the mario half pyramid
def pymid(base)
1.upto(base) do |row|
str = "#" * row
skout23 / codewatcher.rb
Created Oct 29, 2014
simple-ish rss atom feed watcher to alert when a code change has taken place
View codewatcher.rb
# script to watch production code commit log and send a diff of if any changes for PCI regulation needs
require 'rss'
require 'openssl'
DEBUG = false
# set the local store for marshalled data
$prod_code_last_reported_date = '/home/someuser/bin/watch_rss/data/last_reported.yml'
skout23 / gimmetime.rb
Created Oct 7, 2014
stupid import thing
View gimmetime.rb
#!/usr/bin/env ruby
require 'time'
$output ="tstamp.csv",'w')
$input ="",'r')
def gimmetime(str)
d1 = Time.parse(str)
rm1 =
You can’t perform that action at this time.