I hereby claim:
- I am spirosoik on github.
- I am spirosoik (https://keybase.io/spirosoik) on keybase.
- I have a public key ASCljENlbiBVqNTFVRxmZBXgOOiziU0Z_-BrTMKFJ1wtkAo
To claim this, I am signing this object:
spirosoik
/ keybase.md
Last active
August 22, 2018 09:50
spirosoik
/ dns_tunneling_length_name.sql
Last active
September 29, 2018 09:43
DNS Tunneling Length Name Exceed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SET autocreate=true; | |
| INSERT INTO dns_tunneling_length_name | |
| SELECT STREAM * FROM DNS_DHCP_TRAFFIC | |
| WHERE LEN(dns.dns_question[0].name) > 60 | |
| GROUP BY dns.dns_question[0].name, ipv4.srcAddr |
spirosoik
/ dns_pattern_requests_violation.sql
Last active
September 29, 2018 09:53
DNS Pattern Requests Violation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SET autocreate=true; | |
| INSERT INTO dns_pattern_requests_violation | |
| WITH log_regex as ( | |
| SELECT STREAM | |
| dns, | |
| ipv4, | |
| udp, | |
| regexp(dns.dns_question[0].name, '(\d.*?){5,}') as rule_numbers, | |
| regexp(dns.dns_question[0].name, '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}') as rule_is_ip |
spirosoik
/ dns_packet_exceed_length.sql
Last active
September 29, 2018 09:44
DNS Packet Length Exceed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SET autocreate=true; | |
| INSERT INTO dns_packet_exceed_length | |
| SELECT STREAM * FROM DNS_DHCP_TRAFFIC | |
| WHERE udp.length > 512 |
docker run \
--rm --net=host -d <YOUR-NETWORK-INTERFACE> \
-s "kafka://?topic=DNS_DHCP_TRAFFIC&addrs=<YOUR-KAFKA-BROKER-ADDRESS>:19092" \
--queue-bucket-size=1 \
--queue-item-size=15000 \
quay.io/mantisnet/ppe-publish-dns-dhcp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module "argocd" { | |
| source = "git@github.com:<our-secret-repo>/cloud-terraform-modules.git//aws/argocd?ref=v1.2.0" | |
| cluster_endpoint = module.eks.kube_provider.host | |
| cluster_cacert = base64encode(module.eks.kube_provider.cluster_ca_certificate) | |
| cluster_token = module.eks.kube_provider.token | |
| cluster_name = module.eks.kube_provider.aws.args.cluster_name | |
| aws_cluster_assume_role_arn = module.eks.kube_provider.aws.args.role | |
| argocd_namespace = var.argocd_namespace | |
| argocd_manifest_uri = var.argocd_manifest_uri |
spirosoik
/ app-external-dns.yaml
Created
December 16, 2020 13:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: argoproj.io/v1alpha1 | |
| kind: Application | |
| metadata: | |
| name: external-dns | |
| namespace: argocd | |
| annotations: | |
| argocd.argoproj.io/sync-wave: "-2" | |
| finalizers: | |
| - resources-finalizer.argocd.argoproj.io | |
| spec: |
spirosoik
/ app-external-secrets.yaml
Created
December 16, 2020 13:27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: argoproj.io/v1alpha1 | |
| kind: Application | |
| metadata: | |
| name: external-secrets | |
| namespace: argocd | |
| annotations: | |
| argocd.argoproj.io/sync-wave: "-2" | |
| finalizers: | |
| - resources-finalizer.argocd.argoproj.io | |
| spec: |
spirosoik
/ app-nginx-ingress.yaml
Last active
May 23, 2024 15:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: argoproj.io/v1alpha1 | |
| kind: Application | |
| metadata: | |
| name: nginx-ingress | |
| namespace: argocd | |
| annotations: | |
| argocd.argoproj.io/sync-wave: "-1" | |
| finalizers: | |
| - resources-finalizer.argocd.argoproj.io | |
| spec: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package lead | |
| type eventTestSuite struct { | |
| suite.Suite | |
| err error | |
| eventHandler *LeadEventHandler | |
| crmClient *mockCrmClient | |
| username string | |
| userURN string |
OlderNewer