Skip to content

Instantly share code, notes, and snippets.

Avatar
👨‍💻
planning, coding, reviewing

Dave Hall skwashd

👨‍💻
planning, coding, reviewing
View GitHub Profile
@skwashd
skwashd / configure-dependabot.py
Created Aug 27, 2019
Batch create dependabot config.yml file in github repos
View configure-dependabot.py
#!/usr/bin/env python3
import base64
import os
import requests
token = os.environ.get("GITHUB_TOKEN")
org = os.environ.get("GITHUB_ORG")
@skwashd
skwashd / enable-github-security-tooling.py
Created Aug 26, 2019
Bulk enable dependabot and security alerts on github repos
View enable-github-security-tooling.py
#!/usr/bin/env python3
import json
import os
import requests
token = os.environ.get("GITHUB_TOKEN")
org = os.environ.get("GITHUB_ORG")
@skwashd
skwashd / README.md
Last active Dec 22, 2020
Copy AWS SSM Parameter Store Path
View README.md

This Python (3.6+) script is for migrating Amazon AWS System Manager (SSM) Parameter Store keys from one path to another.

Quick Start

To install the script do the following:

  • Configure your AWS credentials
  • Grab the code from this gist
  • Make it executable (chmod +x /path/to/copy-ssm-ps-path.py)
  • pip install boto3 (if you don't have it installed already)
@skwashd
skwashd / README.md
Created May 28, 2018
Remove all external collaborators from GitHub
View README.md

This script removes all external collaborators in a GitHub organisation. Collaborators look like a good idea when you have a small organisation and you don't want to start managing a lot of teams. Once your organisation grows collaborators are a nightmare to manage. There is little or no context about why they have access, they're often missed when auditing user access and they get forgotten about.

Setup

  • Run pip install requests to install the one and only dependency
  • Configure the GITHUB_ORG and GITHUB_TOKEN environment variables

Running

Run the script like so python3 ./remove-collaborators.py. The output should look like this:

@skwashd
skwashd / README.md
Created Jan 16, 2018
Purge GitHub Invites
View README.md

Purge GitHub Invites

Large organisations invite new users to GitHub all the time. Some times the user never accepts the invite. GitHub invites never expire. Long after the user has been forgotten they can still accept the invite. This is a potential security issue.

Back in September 2015 I asked GitHub to expose invite information via their API. In December 2016 GitHub launched their new Organization Memberships APIs, which included an endpoint for pending invitations. The initial implementation lacked information of when the invite was sent. GitHub added this property after I asked for it.

I created a script that uses this new API that checks for any invites which have been pending more than a week. If they exist they're pruged. I hope someone else finds this usef

@skwashd
skwashd / cf-tls12-only.sh
Created Oct 31, 2017
Disable old versions of TLS for all domains on Cloudflare
View cf-tls12-only.sh
#!/bin/sh
# Enable modern TLS only mode for all sites on Cloudflare (max 50)
#
# Written by Dave Hall <skwashd@gmail.com>
# CC-0 License applies - https://creativecommons.org/publicdomain/zero/1.0/
BASE_URI="https://api.cloudflare.com/client/v4"
if [[ -z "${AUTH_EMAIL}" ]]; then
@skwashd
skwashd / README.md
Last active Jul 20, 2017
Don't be the next Dow Jones
View README.md

I'm not Dow Jones

This script will audit your S3 buckets and flag those with configuration that might cause you to be the next Dow Jones.

Quick Start

  • Clone this gist - git clone https://gist.github.com/8bfcd7096558044dc84689ac05575fa8.git im-not-dow-jones
  • Change into the newly created directory - im-not-dow-jones
  • Install the dependencies - pip install -r requirements.txt
  • Setup your AWS credentials - aws configure (The account will need full access to your S3 buckets)
  • Set the excute bit on the script - chmod +x im-not-dow-jones.py
View aliases.drushrc.php
<?php
$aliases['local'] = array(
'uri' => 'http://dev.example.com',
'root' => '~/www',
);
View keybase.md

Keybase proof

I hereby claim:

  • I am skwashd on github.
  • I am skwashd (https://keybase.io/skwashd) on keybase.
  • I have a public key ASAUrgIZThxTFcSHZzGTbnA0p3UmUkVHGodY39XYP6ZDewo

To claim this, I am signing this object:

@skwashd
skwashd / README.md
Last active Sep 12, 2020
Export stored passwords from Google Chrome to 1Password
View README.md

This code snippet is for exporting passwords stored in Google Chrome for use in 1Password. It generates a 1Password compatiable CSV file.

NOTE: Your password are exported as plain text. Take proper precautions when storing the file and use a secure deletion tool.

To export your passwords follow these steps:

  • visit chrome://settings-frame/passwords
  • Open the Chrome console (Mac: [Cmd] + [Option] + J / Windows or Linux: [Ctrl] + [Shift] + J`)