William Zujkowski williamzujkowski
williamzujkowski
/ vuln-scanner.py
Created
November 18, 2025 01:28
NVD Vulnerability Scanner for Homelab - Python implementation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| NVD Vulnerability Scanner for Homelab | |
| Scans installed packages against National Vulnerability Database | |
| """ | |
| import requests | |
| import json | |
| import subprocess | |
| from packaging import version |
williamzujkowski
/ promsketch-grafana-queries.json
Created
November 17, 2025 05:07
Grafana dashboard queries optimized with PromSketch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "dashboard": { | |
| "title": "PromSketch Optimized Metrics", | |
| "panels": [ | |
| { | |
| "title": "P99 Request Latency (Optimized)", | |
| "targets": [ | |
| { | |
| "expr": "histogram_quantile(0.99, rate(http_request_duration_seconds_bucket[5m]))", | |
| "datasource": "PromSketch" |
williamzujkowski
/ promsketch-benchmark.sh
Created
November 17, 2025 05:07
PromSketch query performance benchmarking script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # PromSketch benchmark script - compare query performance | |
| PROMETHEUS_URL="http://localhost:9090" | |
| PROMSKETCH_URL="http://localhost:8080" | |
| QUERY='histogram_quantile(0.99, rate(http_request_duration_seconds_bucket[5m]))' | |
| echo "=== PromSketch Benchmark ===" | |
| echo "Query: ${QUERY}" | |
| echo "" |
williamzujkowski
/ promsketch-docker-compose.yaml
Created
November 17, 2025 05:07
Prometheus + PromSketch + Grafana Docker Compose stack
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3.8' | |
| services: | |
| prometheus: | |
| image: prom/prometheus:v2.48.0 | |
| container_name: homelab_prometheus | |
| restart: unless-stopped | |
| command: | |
| - '--config.file=/etc/prometheus/prometheus.yml' | |
| - '--storage.tsdb.path=/prometheus' |
williamzujkowski
/ authrest-test-suite.py
Created
November 17, 2025 05:07
pytest test suite for AuthREST API authentication testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| pytest Test Suite for AuthREST Scanner | |
| Tests authentication pattern detection | |
| """ | |
| import pytest | |
| import requests | |
| from authrest_scanner import AuthRestScanner, AuthTest | |
| @pytest.fixture |
williamzujkowski
/ authrest-scanner.py
Created
November 17, 2025 05:07
AuthREST-style API authentication security scanner in Python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| AuthREST-style API Authentication Scanner | |
| Parses OpenAPI specs and tests authentication patterns | |
| """ | |
| import json | |
| import requests | |
| from typing import Dict, List, Optional | |
| from dataclasses import dataclass |
williamzujkowski
/ kubefence-k3s-setup.yaml
Created
November 17, 2025 05:07
K3s cluster configuration with KubeFence DaemonSet deployment
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # KubeFence K3s Cluster Configuration | |
| # Deploys K3s with embedded etcd + KubeFence DaemonSet | |
| # Tested on Ubuntu 24.04, K3s 1.28.6 | |
| --- | |
| # K3s server configuration (master node) | |
| # Deploy with: curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="server" sh -s - --config k3s-server.yaml | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: |
williamzujkowski
/ kubefence-policy-generator.py
Created
November 17, 2025 05:07
KubeFence policy generator from Kubernetes audit logs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| KubeFence Policy Generator | |
| Analyzes K3s audit logs and generates fine-grained API policies | |
| Usage: | |
| python3 kubefence-policy-generator.py --namespace default --output policies/ | |
| """ | |
| import argparse |
williamzujkowski
/ kubefence-helm-install.sh
Created
November 17, 2025 05:07
KubeFence Helm deployment with cert-manager and policy generation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # KubeFence Helm Installation Script | |
| # Deploys KubeFence as DaemonSet on K3s control plane nodes | |
| # Tested on K3s 1.28.6, Ubuntu 24.04 | |
| set -euo pipefail | |
| NAMESPACE="kubefence-system" | |
| RELEASE_NAME="kubefence" | |
| CHART_VERSION="0.1.0" |
williamzujkowski
/ nodeshield-cbom-generator.sh
Created
November 17, 2025 04:44
NodeShield CBOM policy generation and validation workflow
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # NodeShield CBOM Generation Workflow | |
| # Automates SBOM → CBOM conversion with manual review prompts | |
| # | |
| # Dependencies: | |
| # - Syft (SBOM generator): https://github.com/anchore/syft | |
| # - NodeShield CLI: npm install -g @nodeshield/cli | |
| # | |
| # Usage: | |
| # ./generate-cbom.sh /path/to/nodejs/project |