A Python module that lets you interact with XML as if it were a Python-native dict.
import json
import xmltodict
xmlfile = <blah blah blah>
document = json.loads(xmltodict.parse(xmlfile))
Just some cheat sheets I work on for some programs I tend to use on actual HW when the PDFs or archive.org isn't available.
A free political research tool to study more than 100 million voter records.
AWS Kill Switch is a Lambda function (and proof of concept client) that an organization can implement in a dedicated "Security" account to give their security engineers the ability to delete IAM roles or apply a highly restrictive service control policy (SCP) on any account in their organization.
The actions you take with this tool are one-way operations. Do not test/experiment in production. Any SCPs applied or IAM roles deleted will remain in this state until manual action is taken to remove the SCP or recreate deleted role and/or policies. Ensure that you have the the ability to reverse these changes and incorporate the appropriate steps in your incident response playbooks.
If you need to lock down and lock out an AWS environment, this will do it for you, but it's the nuclear option.
OpenSCAP represents both a library and a command line tool which can be used to parse and evaluate each component of the SCAP standard. The library approach allows for the swift creation of new SCAP tools rather than spending time learning existing file structure. The command-line tool, called oscap, offers a multi-purpose tool designed to format content into documents or scan the system based on this content. Whether you want to evaluate DISA STIGs, NIST‘s USGCB, or Red Hat’s Security Response Team’s content, all are supported by OpenSCAP.
If your main goal is to perform configuration and vulnerability scans of a local system then oscap can be the right tool for you. It can evaluate both XCCDF benchmarks and OVAL definitions and generate the appropriate results. The tool supports SCAP 1.2 and is backward compatible with SCAP 1.1 and 1.0.
OpenSCAP is available on various Linux distributions, including Red Hat Enterprise Linux, Fedora and Ubuntu. Since version 1.3.0 OpenSCAP supports also Microsoft Windows.
sudo apt-get install libopenscap8
Does not require root access to run. Can generate reports as HTML or XML.
Canonical’s Security Team produces Ubuntu OVAL, a structured, machine-readable dataset for all supported Ubuntu releases. It can be used to evaluate and manage security risks related to any existing Ubuntu components. It is based on the Open Vulnerability and Assessment Language (OVAL).
Ubuntu OVAL also allows for any third-party Security Content Automation Protocol (SCAP) compliant tools to accurately scan an Ubuntu system or an official Ubuntu OCI image for vulnerabilities.
wget https://security-metadata.canonical.com/oval/com.ubuntu.$(lsb_release -cs).usn.oval.xml.bz2
A site that lets you search by word or phrase in a television show or movie, and tells you what was it was.
Public api for aircraft, airlines, and flight routes. No API key, everything is rate limited over a 60 second period.
I don't know how useful or reliable it is yet.
A modern, RESTful, scalable solution to the common problem of telling people to fuck off.
ENiGMA½ is a modern BBS software with a nostalgic flair!
Multi platform - Anywhere Node.js runs likely works. Unlimited multi node support. Highly customizable via HJSON based configuration, menus, and themes in addition to JavaScript based mods. MCI support for lightbars, toggles, input areas, and so on plus many other other bells and whistles. Telnet, SSH, and both secure and non-secure WebSocket access built in! Additional servers are easy to implement. SyncTERM style font and baud emulation support. Display PC/DOS and Amiga style artwork as it's intended! In general, ANSI-BBS / cterm.txt / bansi.txt are followed for expected BBS behavior.
Renegade style pipe color codes. SQLite storage of users, message areas, etc. Strong PBKDF2 backed password hashing. Support for 2-Factor Authentication with OTP. Door support including common dropfile formats for legacy DOS doors. Built in BBSLink, DoorParty, and Exodus! Message networks with FidoNet Type Network (FTN) + BinkleyTerm Style Outbound (BSO) message import/export. Messages Bases can also be exposed via Gopher or NNTP as well. ANSI support in the Full Screen Editor (FSE), file descriptions, etc.
Legend has it that once upon a time a networking instructor named Bob taught a class of students a method of subnetting any address using a special chart. This was known as the Bob Maneuver. These students, being the smart type that networking students usually are, added a row to the top of the chart and the Enhanced Bob Maneuver was born. The chart and instructions on how to use it follow. With practice, you should be able to subnet any address and come up with an IP plan in under a minute. After all, it's just math!
This guy has been redrawing parts of memorable scenes from the Ghostbusters movies in the same style as the Real Ghostbusters cartoon from the mid-1980's.
HTML First is a set of principles that aims to make building web software easier, faster, more inclusive, and more maintainable by...
The Phone of the Wind originated in Japan by its creator Itaru Sasaki, while grieving his cousin who died of Cancer. He purchased an old-fashioned phone booth and set it up in his garden. He installed an obsolete rotary phone not connected to wires or any "earthly system." Here, Itaru felt a continued connection to his cousin and found comfort and healing amid his grief. Itaru gave his phone booth a name, Kaze No Denwa (風の電話), translated as The Telephone of the Wind.
The Phone of the Wind is a shrine mindfully created to connect people to their loved ones on the other side. It is one of the world's most powerful resilience sites. Grievers travel from around the world to "call" their loved ones in spirit, to say the things they didn't get a chance to say while the person was living. It is a place that offers the peace and solitude grievers need to work through their pain. Itaru Sasaki has inspired the creation of many beautiful spaces all over the world with the sole purpose of holding space for a griever. One where the wind will carry their words to those they love who have gone ahead.
Kermit is the name of a file-transfer and -management protocol and a suite of computer programs for many types of computers that implements that protocol as well as other communication functions ranging from terminal emulation to automation of communications tasks through a high-level cross-platform scripting language. The software is transport-independent, operating over TCP/IP connections in traditional clear-text mode or secured by SSH, SSL/TLS, or Kerberos IV or V, as well as over serial-port connections, modems, and other communication methods (X.25, DECnet, various LAN protocols such as NETBIOS and LAT, parallel ports, etc, on particular platforms).
Three traditional BBS-circulated documents about the QWK format, based on reverse engineering; the official spec, excerpted from the documentation of 1stReader; and the official QWKE specification, all re-formatted with Markdown. Although I consider some of this material to be inaccurate, I’ve tried to avoid editing for content, except to remove references to web sites, boards and addresses that are no longer working.
Toybox combines many common Linux command line utilities together into a single BSD-licensed executable. It's simple, small, fast, and reasonably standards-compliant (POSIX-2008 and LSB 4.1).
Toybox's main goal is to make Android self-hosting by improving Android's command line utilities so it can build an installable Android Open Source Project image entirely from source under a stock Android system. After a talk at the 2013 Embedded Linux Conference explaining this plan (outline, video), Google merged toybox into AOSP and began shipping toybox in Android Marshmallow in 2015.
Toybox aims to provide one quarter of a theoretical "minimal native development environment", which is the simplest Linux system capable of rebuilding itself from source code and then building Linux From Scratch and the Android Open Source Project under the result. In theory, this should only require four packages: 1) a set of posix-ish command line utilities, 2) a compiler[1], 3) a C library, and 4) a kernel. This provides a reproducible and auditable base system, which with the addition of a few convienciences (vi, top, shell command line history...) can provide a usable interactive experience rather than just a headless build server.