Skip to content

Instantly share code, notes, and snippets.

ProductID Database
106 GeoIP.dat
111 GeoIPOrg.dat
112/115 GeoIPRegion.dat
117 GeoIPASNum.dat
119 GeoIPUserType.dat
121/122 GeoIPISP.dat
132/133 GeoIPCity.dat
135 GeoIPAreaCode.dat
137 GeoIPDMACode.dat
@skout23
skout23 / logs_insights_queries.txt
Created February 11, 2019 19:48
Scratch Pad ideas for Cloudtrail queries using AWS Cloudwatch Logs Insights
```
filter eventName="ConsoleLogin"
| stats count(*) as eventCount by userIdentity.userName, sourceIPAddress
| sort eventCount desc
filter not sourceIPAddress =~ /^(?i)123.123.123.123/ and userIdentity.userName =~/^(?i)\w/
| stats count(*) as eventCount by eventName, userIdentity.userName, sourceIPAddress
| sort eventCount desc
filter eventName="ConsoleLogin"
@skout23
skout23 / google_calendar_events_quick_scanner.py
Created October 13, 2020 18:53
A very quick/dirty scanner to look for secrets in calendar events
# Futures
from __future__ import print_function
# Built-in/Generic Imports
import datetime
import pickle
import os.path
import re
# Libs
@skout23
skout23 / s3_bucket_sizes.sh
Created February 1, 2019 19:27
Get the latest size in bytes of all s3 buckets given a list of profiles
#!/bin/bash
aws_profile=("default" "otherprofile");
region="us-east-1"
# setting the expected date() format BSD style (macos)
start_time="$(date -v-2d '+%Y-%m-%d')"
end_time="$(date '+%Y-%m-%d')"
#loop AWS profiles array incase we provide more than 1 profile
for profile in "${aws_profile[@]}"; do
@skout23
skout23 / buffer_overflow.c
Last active April 26, 2018 08:02
simple buffer_overflow for testing afl
/*
Compile with:
afl-gcc -fno-stack-protector -z execstack buffer_overflow.c -o buffer_overflow
gcc -fno-stack-protector -z execstack buffer_overflow.c -o buffer_overflow
*/
#include <stdio.h>
#include <string.h>
# should pick up pyenv as dep
brew install pyenv-virtualenv
# add to your .bash_profile or other .profile
eval "$(pyenv init -)"
eval "$(pyenv virtualenv-init -)"
# List available pythons versions
$ pyenv install -l

Keybase proof

I hereby claim:

  • I am skout23 on github.
  • I am skout23 (https://keybase.io/skout23) on keybase.
  • I have a public key ASDw8P2ph2XFQLlCW0GtGhnuJZlOBN6nQMSmPzXH_VPlYAo

To claim this, I am signing this object:

# act like GNU screen
unbind C-b
set -g prefix C-a
# look good
set -g default-terminal "screen-256color"
# Allows for faster key repetition
set -s escape-time 0
@skout23
skout23 / avg_student_count.rb
Created October 12, 2012 18:09
Clever API quickie
require 'json'
require 'rest-client'
=begin
{"data"=>
{"district"=>"4fd43cc56d11340000000005",
"school"=>"4fee004cca2e43cf27000002",
"name"=>"Advanced Literature 1(B)",
"teacher"=>"4fee004dca2e43cf270007e8",
@skout23
skout23 / manage_snapshots.rb
Last active October 6, 2015 13:38
AWS ec2 EBS snapshot management
#!/usr/bin/env ruby
# cleaned up a bit, makes use of memoize to better handle queries to the EC2 backend, less calls == faster.
require 'rubygems'
require 'aws-sdk'
regions = [
"ec2.us-east-1.amazonaws.com",