GuardDuty events sent via CloudWatch rules and SNS emails are ugly.
It is possible to improve them using inputTransformer.
guardduty-event-target.tf shows an example usage.
andresriancho
/ prompt_compression.py
Created
March 7, 2025 12:38
Compress structured prompts using LLMLingua2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from typing import Optional, List | |
| from llmlingua import PromptCompressor | |
| MODEL_CONFIG = {} | |
| MODEL = "microsoft/llmlingua-2-xlm-roberta-large-meetingbank" | |
| RATE = 0.33 | |
| class LLMLinguaSegment: | |
| """Class representing a single <llmlingua> segment, encapsulating its content, rate, and compress flag.""" | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| import botocore | |
| def log_request(request, **kwargs): | |
| """Logs all HTTP requests made by boto3 before they are sent.""" | |
| print(f"🔍 Intercepted HTTP request:") | |
| print(f" - Method: {request.method}") | |
| print(f" - URL: {request.url}") | |
| print(f" - Headers: {request.headers}") | |
| print(f" - Body: {request.body}\n") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SELECT eventtime, | |
| eventname, | |
| requestparameters, | |
| awsregion, | |
| eventsource, | |
| resources | |
| FROM cloudtrail_662651605507 | |
| WHERE year = '2019' | |
| AND month IN ('7', '8', '9', '10', '11') | |
| AND eventsource = 's3.amazonaws.com' |
andresriancho
/ query.sql
Created
November 8, 2019 17:17
Athena query to get AWS Lambda function invoke calls
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SELECT eventtime, | |
| eventname, | |
| requestparameters, | |
| awsregion, | |
| eventsource, | |
| resources | |
| FROM cloudtrail_662651605507 | |
| WHERE year = '2019' | |
| AND month IN ('7', '8', '9', '10', '11') | |
| AND eventsource = 'lambda.amazonaws.com' |
andresriancho
/ get-display-name.py
Last active
October 18, 2024 15:00
Get AWS root account email address
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| session = boto3.Session(profile_name='ariancho') | |
| s3_client = session.client('s3') | |
| display_name = s3_client.list_buckets()['Owner']['DisplayName'] | |
| print(display_name) | |
| for bucket in s3_client.list_buckets()['Buckets']: | |
| print(s3_client.get_bucket_acl(Bucket=bucket['Name'])['Owner']['DisplayName']) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import sys | |
| import time | |
| import random | |
| import subprocess | |
| FNULL = open(os.devnull, 'w') | |
| env = {'HTTPS_PROXY': 'http://localhost:8080/'} | |
| cmd = ('aws --region us-east-1 --no-verify-ssl --profile=andres-root s3api delete-object' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import timeit | |
| import lz4.frame | |
| import lzf | |
| import zlib | |
| #import snappy | |
| import os | |
| from timeit import Timer | |
| DATA = open("test.py", "rb").read() | |
| DLEN = len(DATA) |
andresriancho
/ source-code-review-atom.md
Last active
July 23, 2018 21:44
Ideas for source code review plugin for Atom
As an application security expert I use Atom to read source code. I would like to be able to have a plugin with features that will help me identify vulnerabilities.
-
Add annotations to the source code: Select a few lines of code, right click, "Add annotation", text box appears, user types comments on the source code, clicks "Save". All annotations can be seen in a tab. If the code has annotations then it is highlighted differently (change background color)
-
The plugin implements methods for searching for XSS, SQL injection, etc. The plugin adds a menu
andresriancho
/ smart-contract-research.md
Last active
November 8, 2017 11:34
Smart contracts research
How does Oraclize work? How do they use crypto to guarantee that they are providing unmodified results for the HTTP queries?
NewerOlder