Skip to content

Instantly share code, notes, and snippets.

View michaellihs's full-sized avatar

Michael Lihs michaellihs

84 followers · 11 following
View GitHub Profile
@michaellihs
michaellihs / inspec-arm.md
Last active January 14, 2020 16:05
Inspec ARM

What do I want to do

  • I want to run Inspec within a Linux container (as provided by learnchef/inspec_workstation)
  • my testing target is a ARM board running a Yocto Linux with .deb packages
  • the connection to the target is made via SSH

My control

# encoding: utf-8
@michaellihs
michaellihs / linux-cheat-sheet.md
Created January 13, 2020 14:56
Linux Cheat Sheet

Linux Cheat Sheet

Mounting additional Disks in Vagrant

fdisk /dev/sdc                   # create new partition with <n>, ... all defaults
ls -la /dev/sd*                  # check for new device name
sudo mkfs.ext4 /dev/sdc1         # format new partition with ext4
sudo mount /dev/sdc1 /mount/sdc  # mount partition
@michaellihs
michaellihs / main.go
Created December 16, 2019 17:24
Pacman in Golang
package main
import (
"bufio"
"bytes"
"encoding/json"
"flag"
"fmt"
"github.com/danicat/simpleansi"
"log"
@michaellihs
michaellihs / audax-suisse-tipps-tricks.md
Last active November 24, 2019 21:52
Audax Suisse Tipps & Tricks

Audax Suisse Tipps & Tricks

Bike

Maschine

  • Übersetzung / Ritzel
  • 32er mit Kompaktkurbel - sicher ist sicher
@michaellihs
michaellihs / feedback-cheatsheet.md
Created November 13, 2019 08:11
Feedback Cheatsheet

Feedback Cheatsheet

Initiating 1:1s

Questions you can ask regarding giving feedback:

  • Are there any topics about which you want to receive feedback from me?
  • Is there something I can watch out for (and give you feedback upon later on)?
@michaellihs
michaellihs / security-cheatsheet.md
Last active November 6, 2019 15:17
Security Cheatsheet

STRIDE

STRIDE is a method to categorize security threats:

  • Spoofing identity. Can someone spoof an identity and then abuse its authority? Spoofing identity allows attackers to do things they are not supposed to do.

  • Tampering with data. How hard is it for an attacker to modify the data they submit to your system? Can they break a trust boundary and modify the code which runs as part of your system?

  • Repudiation (Nichtanerkennung). How hard is it for users to deny performing an action? What evidence does the system collect to help you to prove otherwise? Non-repudiation refers to the ability of a system to ensure people are accountable for their actions.

@michaellihs
michaellihs / container-security.md
Last active February 12, 2020 01:25
Container Security

Container Security

Overview of Container Security Threats

  • Image Development
    • Installing SW without proper configuration, e.g. default passwords...
    • Exposed credentials in Dockerfiles
  • Malware in 3rd party resources used to build the image
@michaellihs
michaellihs / design-thinking-ux-user-story-mapping.md
Last active August 2, 2023 16:43
Design Thinking, UX, User Story Mapping...

Concepts

Journey Map

User journey map is a visualization of an individual’s relationships with a product/brand over time and across different channels.

  • commonly it’s represented as a timeline of all touch points between a user and a product
  • timeline contains information about all channels that users use to interact with a product
  • visualizes how a user interacts with a product and allows designers to see a product from a user’s point of view
@michaellihs
michaellihs / jsonnet.md
Last active May 24, 2019 15:27
jsonnet

jsonnet

CLI usage

  • Output result in YAML



  


  




    


          
    

      

        
        

          

              @michaellihs
          

          

            
                michaellihs
                / gradle-oss-deps.md
            
            

              Last active
              May 16, 2019 09:33
            

              
                Gradle OSS Dependencies
              
          

        

      

        

  

      

    
Gradle OSS Dependencies


Read OSS licenses for Gradle Dependencies. The script outputs a JSON file with the dependency, its URL on mvnrepository.com and the OSS license to STDOUT.




DISCLAIMER: if you use this script too extensively, your IP address might get blocked by mvnrepository.com!




Put this script into a file gradle-oss.sh and make it executable:


#!/usr/bin/env bash