Skip to content

Instantly share code, notes, and snippets.

View adampielak's full-sized avatar
💭
tick

Adam Pielak adampielak

💭
tick
View GitHub Profile
Remote wireshark :
with tshark
ssh <REMOTE HOST> sudo tshark -w - not tcp port 22 | wireshark -k -i -
with tcpdump
ssh <REMOTE HOST> sudo tcpdump -U -s0 -w - -i eth0 'not port 22' | wireshark -k -i -
rwireshark () { ssh $1 sudo tcpdump -U -s0 -w - -i eth0 'not port 22' | wireshark -k -i - }

SSH agent forwarding and screen

When connecting to a remote server via SSH it is often convenient to use SSH agent forwarding so that you don't need a separate keypair on that server for connecting to further servers.

This is enabled by adding the

ForwardAgent yes

option to any of your Host entries in ~/.ssh/config (or alternatively with the -A option). Don't set this option in a wildcard Host * section since any user on the remote server that can bypass file permissions can now als use keys loaded in your SSH agent. So only use this with hosts you trust.

iptables -t mangle -I PREROUTING -m policy --pol ipsec --dir in -j NFLOG --nflog-group 5
iptables -t mangle -I POSTROUTING -m policy --pol ipsec --dir out -j NFLOG --nflog-group 5
tcpdump -s 0 -n -i nflog:5
@adampielak
adampielak / transparent_proxy.md
Created April 22, 2026 21:03 — forked from olivierlemoal/transparent_proxy.md
HOWTO setup Transparent proxy

Reverse / Debugging

  • Instrumentation
    • LIEF - Library to Instrument Executable Formats
    • Frida - Dynamic instrumentation toolkit
  • Binary analysis
    • Kaitai - A new way to develop parsers for binary structures.
    • binwalk - Firmware Analysis Tool
    • UEFItools - Working with UEFI firmware images
  • 010 Editor - Professional Text/Hex Editor with Binary Templates
@adampielak
adampielak / gist9-filebeat-logging.yml
Created December 3, 2025 12:11 — forked from williamzujkowski/gist9-filebeat-logging.yml
Container Security - Filebeat Log Aggregation (Wazuh Integration)
# Filebeat configuration for container log aggregation
# Ship container logs to Wazuh for centralized monitoring
# Tags: container-security, logging, wazuh, filebeat
filebeat.inputs:
- type: container
paths:
- /var/lib/docker/containers/*/*.log
processors:
- add_docker_metadata:
@adampielak
adampielak / cis-benchmark-scanning.sh
Created December 3, 2025 12:10 — forked from williamzujkowski/cis-benchmark-scanning.sh
CIS benchmark scanning commands for Docker and Kubernetes security auditing
#!/bin/bash
# Docker Bench Security
git clone https://github.com/docker/docker-bench-security.git
cd docker-bench-security
sudo sh docker-bench-security.sh
# Kubernetes kube-bench
kubectl apply -f https://raw.githubusercontent.com/aquasecurity/kube-bench/main/job.yaml
kubectl logs job/kube-bench
@adampielak
adampielak / ai-docker-compose.yml
Created December 3, 2025 12:09 — forked from williamzujkowski/ai-docker-compose.yml
Docker Compose configuration for isolated AI experiment environment with network isolation and resource limits
# Docker Compose for isolated AI environment
# Provides network isolation and resource limits for AI experiments
services:
ai-sandbox:
image: pytorch/pytorch:latest
container_name: ai-experiment
networks:
- ai-isolated
volumes:
@adampielak
adampielak / ai-firewall-rules.sh
Created December 3, 2025 12:09 — forked from williamzujkowski/ai-firewall-rules.sh
Network segmentation firewall rules for AI VLAN using iptables
#!/bin/bash
# Dream Machine Professional firewall rules for AI VLAN
# Network segmentation for AI workloads
# AI VLAN Configuration
AI_VLAN="10.0.50.0/24"
INTERNAL_REPO="10.0.10.5"
# Allow: AI VLAN -> Internal model repository
iptables -A FORWARD -s $AI_VLAN -d $INTERNAL_REPO -j ACCEPT
@adampielak
adampielak / secure-model-loader.py
Created December 3, 2025 12:08 — forked from williamzujkowski/secure-model-loader.py
Verify ML model integrity with checksums before loading to prevent tampering
import torch
import hashlib
from pathlib import Path
from typing import Optional
class SecureModelLoader:
"""Verify model integrity before loading."""
def __init__(self, trusted_hashes_file: str = "model_hashes.txt"):
self.trusted_hashes = self._load_trusted_hashes(trusted_hashes_file)