Skip to content

Instantly share code, notes, and snippets.

View nyrahul's full-sized avatar
🐞

Rahul Jadhav nyrahul

🐞
134 followers · 19 following
  • AccuKnox
View GitHub Profile
@nyrahul
nyrahul / patch-sumengine-cm.yaml
Created December 2, 2025 16:58
patch-sumengine-cm.yaml
data:
app.yaml: |2-
summary-engine:
k8s:
enable: true
kubearmor:
cron-interval: 0h05m0s
enabled: false
exclude-events:
operation:
@nyrahul
nyrahul / autodel-netpol-adm.sh
Created November 25, 2025 06:36
Install Kyverno and Auto delete netpol
# Install Kyverno
kubectl create namespace kyverno
kubectl apply -f https://raw.githubusercontent.com/kyverno/kyverno/main/config/release/install.yaml
kubectl apply -f - <<'EOF'
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
name: block-auto-networkpolicy
spec:
@nyrahul
nyrahul / og.json
Created November 18, 2025 06:53
AccuKnox Frontend Code with AI Analysis of SAST Analysis
{
"version": "1.11.5",
"scan_date": "2025-11-18T03:23:29.531Z",
"total_findings": 18,
"false_positives_count": 5,
"true_positives_count": 13,
"priority_breakdown": {
"critical": 0,
"high": 8,
"medium": 5,
@nyrahul
nyrahul / kubearmor-alert.json
Created November 14, 2025 03:23
kubearmor-alert.json
{"Action":"Audit","ClusterName":"rj-prox-pandora","ContainerID":"53d1d2024ac5fdc83507471461b0a33eac5e42ebf400431cea1176c91a030825","ContainerImage":"docker.io/kubeedge/iptables-manager:v1.21.0@sha256:4a8466bdf5c9425a51f4fc52c5f3f258eaee1a4f7980914f03d1deef658185a3","ContainerName":"iptables-manager","Cwd":"/","Data":"syscall=SYS_EXECVE","Enforcer":"eBPF Monitor","HostName":"ubuntu24-k3s1-node2","HostPID":2446915,"HostPPID":228824,"Labels":"k8s-app=iptables-manager,kubeedge=iptables-manager","Message":"Detected use of network packet manipulation tool","NamespaceName":"kubeedge","Operation":"Process","Owner":{"Name":"cloud-iptables-manager","Namespace":"kubeedge","Ref":"DaemonSet"},"PID":115661,"PPID":21,"ParentProcessName":"/usr/local/bin/iptables-manager","PodName":"cloud-iptables-manager-pmsjf","PolicyName":"harden-audit-network-packet-tools","ProcessName":"/usr/sbin/iptables","Resource":"/usr/sbin/iptables -w 5 -W 100000 -C PREROUTING -t nat -m comment --comment kubeedge tunnel port -j TUNNEL-PORT","Result"
@nyrahul
nyrahul / getres_limreq.sh
Last active May 16, 2025 16:14
Sum up CPU/Memory Limits/Requests for a given k8s namespace
js=$(kubectl get pods -n agents -o json) && \
cpur=$(echo $js | jq '.items[].spec.containers[]?.resources.requests.cpu' | sed -r 's/([0-9]*)m/\1/' | sed -e 's/"//g' -e 's/,//g' | paste -sd+ - | bc) && \
cpul=$(echo $js | jq '.items[].spec.containers[]?.resources.limits.cpu' | sed -r 's/([0-9]*)m/\1/' | sed -e 's/"//g' -e 's/,//g' | paste -sd+ - | bc) && \
memr=$(echo $js | jq '.items[].spec.containers[]?.resources.requests.memory' | sed -r 's/([0-9]*)Mi/\1/' | sed -e 's/"//g' -e 's/,//g' | paste -sd+ - | bc) && \
meml=$(echo $js | jq '.items[].spec.containers[]?.resources.limits.memory' | sed -r 's/([0-9]*)Mi/\1/' | sed -e 's/"//g' -e 's/,//g' | paste -sd+ - | bc) && \
echo -en "CPU Requests=${cpur}m, CPU Limits=${cpul}m\nMem Requests=${memr}Mi, Mem Limits=${meml}Mi\n"
@nyrahul
nyrahul / perms.sh
Created November 11, 2024 10:45
Fix permissions
kubectl exec -it -n accuknox-divy deployments/uwsgi -- python3 manage.py shell -c "from source.models.roles import Role
from tenant.models import Permission,Client, VisiblePermissions
from django_tenants.utils import schema_context
for client in Client.objects.exclude(schema_name__in=['root']):
with schema_context(client.schema_name):
print(client.schema_name)
admin_role = Role.objects.get(name='Admin')
for permission in Permission.objects.all():
@nyrahul
nyrahul / check-job-status.sh
Last active August 4, 2024 04:46
Check cluster kueue job status
# Show all workloads/jobs
kubectl get workload -A -o json | jq '.items[] | "\(.metadata.namespace) \(.metadata.name) \(.status.conditions[-1].type)"'
# Show Admitted workloads/jobs
kubectl get workload -A -o json | jq -c '.items[] | select(.status.conditions[-1].type == "Admitted") | [.metadata.namespace,.metadata.name]'
# Get all jobs across all namespaces in Pending state ... AccuKnox executes the jobs in init containers
kubectl get pods -A --selector job-type=accuknox-jobs --field-selector=status.phase==Pending
# list k8s-jobs queue
@nyrahul
nyrahul / clam.sh
Last active April 15, 2024 07:47
clamav scan
#!/bin/bash
# Update scan database
sudo freshclam --datadir=$PWD/clamdb --foreground
# Run the scan on the given folder path
docker run \
-it --rm \
--mount type=bind,source=$PWD/env,target=/scandir \
-v $PWD/clamdb:/clamdb \
@nyrahul
nyrahul / artifact api.sh
Last active August 5, 2024 18:43
AccuKnox Artifact API
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
trivy image -f json -o results.json --timeout 3600s nginx:latest
curl --location 'https://cspm.demo.accuknox.com/api/v1/artifact/?tenant_id=2618&data_type=TR&save_to_s3=True&label_id=testknox' --header 'Tenant-Id: 2618' --header 'Authorization: Bearer <TOKEN>' --form 'file=@"results.json"'
# Sonar qube scanner
sonar-scanner -Dsonar.token=<SQ-TOKEN> -Dsonar.projectKey=nimbus -Dsonar.analysis.mode=preview -Dsonar.report.export.path=sonar-report.json
curl -u <SQ-TOKEN>: 'http://35.188.10.229:9000/api/issues/search?components=nimbus' -o sonar-report.json
curl --location 'https://cspm.demo.accuknox.com/api/v1/artifact/?tenant_id=2509&data_type=SQ&save_to_s3=True&label_id=SAST' --header 'Tenant-Id: 2509' --header 'Authorization: Bearer <ARTIFACT-TOKEN>' --form 'file=@"sonar-report.json"'
@nyrahul
nyrahul / prevent-crypto-miners.yaml
Last active March 22, 2024 10:20
KubeArmor policy template for preventing crypto miners execution
apiVersion: security.kubearmor.com/v1
kind: KubeArmorPolicy
metadata:
name: prevent-crypto-miners
spec:
selector:
matchLabels:
app: wordpress
action: Block