William Zujkowski williamzujkowski
williamzujkowski
/ nodeshield-attack-simulation.js
Created
November 17, 2025 04:44
NodeShield attack simulation suite for testing CBOM enforcement
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env node | |
| /** | |
| * NodeShield Attack Simulation Suite | |
| * | |
| * Simulates common supply chain attack patterns to validate CBOM enforcement. | |
| * ⚠️ EDUCATIONAL ONLY - Do not use against systems you don't own. | |
| * | |
| * Based on NodeShield research dataset (arXiv 2508.13750) | |
| * Attack vectors tested: credential theft, RCE, data exfiltration, cryptomining | |
| * |
williamzujkowski
/ nodeshield-docker-setup.sh
Created
November 17, 2025 04:44
NodeShield Docker deployment configuration with CBOM enforcement
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # NodeShield Docker Deployment Stack | |
| # Complete setup for homelab CBOM enforcement testing | |
| # Tested on: Ubuntu 24.04, Docker 24.0.7, NodeShield 1.2.0 | |
| set -euo pipefail | |
| # Configuration | |
| API_DIR="./my-api" | |
| NODESHIELD_VERSION="1.2.0" |
williamzujkowski
/ doh-geo-selector.py
Created
November 3, 2025 22:49
DoH Advanced Routing - nginx load balancing and geo-based provider selection
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # DoH Provider Selection Based on Geographic Location | |
| def select_doh_provider(client_ip): | |
| """Select optimal DoH provider based on location""" | |
| # Simplified geo-detection | |
| if client_ip.startswith('192.168.'): | |
| return "https://local-doh.home.arpa/dns-query" | |
| elif is_asian_ip(client_ip): | |
| return "https://dns.google/dns-query" # Better in Asia |
williamzujkowski
/ doh-troubleshooting.sh
Created
November 3, 2025 22:49
DoH Troubleshooting - Fixes for caching, timeouts, and corporate network compatibility
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # DoH Troubleshooting - Common fixes | |
| # 1. Slow Initial Queries | |
| # Implement DNS caching | |
| # For dnsmasq | |
| echo "cache-size=10000" >> /etc/dnsmasq.conf | |
| echo "min-cache-ttl=3600" >> /etc/dnsmasq.conf | |
| # For systemd-resolved |
williamzujkowski
/ doh-cert-pinning.py
Created
November 3, 2025 22:49
DoH Security Hardening - Firewall rules and certificate pinning for DNS-over-HTTPS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # DoH Certificate Pinning for Self-Hosted Servers | |
| import ssl | |
| import hashlib | |
| import base64 | |
| class SecureDoHClient: | |
| # ... (additional implementation details) |
williamzujkowski
/ doh-monitoring-tools.py
Created
November 3, 2025 22:49
DoH Monitoring Tools - Performance testing, DNS leak checks, and log analysis for DNS-over-HTTPS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # DoH Performance Monitoring Tools | |
| import time | |
| import dns.resolver | |
| import requests | |
| from statistics import mean, stdev | |
| # Test using curl | |
| # curl -H 'content-type: application/dns-message' \ |
williamzujkowski
/ doh-router-setup.sh
Created
November 3, 2025 22:49
DoH Router Setup - Configurations for Linux (cloudflared), Dream Machine Pro (dnscrypt-proxy), and OpenWrt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # DoH Router Setup - Multiple platform configurations | |
| # Linux (cloudflared) setup | |
| # Install cloudflared | |
| wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb | |
| sudo dpkg -i cloudflared-linux-amd64.deb | |
| # Configure as DNS proxy | |
| # ... (additional implementation details) |
williamzujkowski
/ iot-lab-setup.sh
Created
November 3, 2025 22:49
IoT Security Lab Setup - Tools installation, IoTGoat Docker deployment, firmware analysis toolkit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # IoT Security Lab Setup Script | |
| # Combines tools installation, IoTGoat deployment, and firmware analysis toolkit | |
| # Core analysis tools installation | |
| echo "[*] Installing core IoT analysis tools..." | |
| sudo apt-get update | |
| sudo apt-get install -y \ | |
| wireshark \ | |
| nmap \ |
williamzujkowski
/ iot-network-monitor.py
Created
November 3, 2025 22:49
IoT Network Monitor - Real-time packet monitoring and anomaly detection using scapy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| IoT Network Monitor | |
| Real-time packet monitoring and anomaly detection for IoT devices using scapy | |
| """ | |
| from scapy.all import * | |
| import json | |
| from datetime import datetime |
williamzujkowski
/ iot-vulnerability-testing.py
Created
November 3, 2025 22:49
IoT Vulnerability Testing Toolkit - Default credentials, MQTT discovery, command injection tests for OWASP IoTGoat
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| IoT Vulnerability Testing Toolkit | |
| Combines default credential testing, MQTT discovery, and command injection tests | |
| for OWASP IoTGoat security assessment | |
| """ | |
| import telnetlib | |
| import time | |
| import paho.mqtt.client as mqtt |