Before starting, check the git history to determine if this is a follow-up review:
git log --oneline -10 | grep -i "Co-Authored-By: Claude"
Kinnaird McQuade kmcquade
patyearone
/ final-review-gist.md
Created
January 28, 2026 19:03
Claude Code /final-review slash command - Comprehensive PR review workflow with parallel agents
iann0036
/ gist:b473bbb3097c5f4c656ed3d07b4d2222
Last active
November 14, 2025 12:59
List of expensive / long-term effect AWS IAM actions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| acm-pca:CreateCertificateAuthority | |
| aws-marketplace:AcceptAgreementApprovalRequest | |
| aws-marketplace:Subscribe | |
| backup:PutBackupVaultLockConfiguration | |
| bedrock:CreateProvisionedModelThroughput | |
| bedrock:UpdateProvisionedModelThroughput | |
| devicefarm:PurchaseOffering | |
| dynamodb:PurchaseReservedCapacityOfferings | |
| ec2:ModifyReservedInstances | |
| ec2:PurchaseCapacityBlock |
bkimminich
/ .vulns.yml.md
Last active
April 29, 2022 19:38
A specification for declaring vulnerabilities in intentionally vulnerable applications ("vulnapps") to help scanners assess their own find rate
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/app.yaml | |
| name: My Python Project | |
| on: push | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| services: |
breser
/ remove_unused_default_vpcs.sh
Last active
February 19, 2021 02:13
remove_unused_default_vpcs.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Delete Default VPCs | |
| # Deletes Default VPCs across an entire organization if there are no ENIs in | |
| # the default VPC. | |
| # | |
| # Assumes that ~/.aws/credentials has credentials to the root account for the | |
| # AWS Organization. Assumes that the user/role you're logged into in the | |
| # root account has permissions to assume the OrganizationAccountAccessRole in | |
| # each member account. Requires jq and aws cli be installed on the path. |
kfosaaen
/ MI-Owner-Escalation.ps1
Created
February 14, 2020 21:50
A simple PoC for using an Azure Managed Identity to add a user as a Subscription Owner
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #---------Query MetaData for SubscriptionID---------# | |
| $response2 = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/instance?api-version=2018-02-01' -Method GET -Headers @{Metadata="true"} -UseBasicParsing | |
| $subID = ($response2.Content | ConvertFrom-Json).compute.subscriptionId | |
| #---------Get OAuth Token---------# | |
| $response = Invoke-WebRequest -Uri 'http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/' -Method GET -Headers @{Metadata="true"} -UseBasicParsing | |
| $content = $response.Content | ConvertFrom-Json | |
| $ArmToken = $content.access_token |
patricksanders
/ summarize.py
Created
January 31, 2020 16:46
Summarize IAM policy with policy_sentry
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| from policy_sentry.analysis.analyze import analyze_by_access_level, determine_actions_to_expand | |
| from policy_sentry.shared.database import connect_db | |
| DB_SESSION = connect_db('bundled') # Use the bundled data that comes with Policy Sentry | |
| sample_policy = json.loads(""" | |
| { | |
| "Statement":[ |
kmcquade
/ AWS API calls that return credentials.md
Last active
December 19, 2025 23:58
AWS API calls that return credentials
This is a list of all the magic IP addresses that are addressible in AWS.
| IP Address | Description |
|---|---|
| 169.254.169.254 | AWS Metadata Service |
| 169.254.169.253 | Alternate VPC DNS resolver |
| 169.254.169.123 | AWS Time Service |
| 169.254.170.2 | ECS Task Metadata |
| 169.254.169.250 | Windows Activation |
| 169.254.169.251 | Windows Activation |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function jq() { | |
| if [ -f $1 ]; then | |
| FILE=$1; shift | |
| # Move FILE at the end as expected by native jq | |
| command jq "$@" "$FILE" | |
| else | |
| command jq "$@" | |
| fi | |
| } |
NewerOlder