This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
```json
{
  "comment": "Strict Docker Seccomp Profile - Allowlist Approach",
  "defaultAction": "SCMP_ACT_ERRNO",
  "architectures": [
    "SCMP_ARCH_X86_64",
    "SCMP_ARCH_X86",
    "SCMP_ARCH_AARCH64",
    "SCMP_ARCH_ARM"
  ],
  "syscalls": [
```
```
# Docker AppArmor Security Profiles
# Custom restrictive profiles for common containers
# ========================================
# Nginx Container Profile (Highly Restrictive)
# ========================================
# /etc/apparmor.d/docker-nginx-restricted
#include <tunables/global>
```
```python
#!/usr/bin/env python3
"""
RAG-Enhanced LLM Alert Triage
Uses ChromaDB vector database for historical context
"""
import ollama
import chromadb
from chromadb.utils import embedding_functions
import json
```
```python
#!/usr/bin/env python3
"""
LLM-Powered Security Alert Triage
Automated alert classification using local Ollama LLM
"""
import ollama
import requests
import json
from datetime import datetime, timedelta
```
```javascript
// Zero-Knowledge Authentication Client (Browser)
// Generates ZK-SNARK proofs without transmitting password
async function register(username, password) {
  // Generate ZK circuit keys
  const { publicKey, privateKey } = await generateZKKeys();
  // Hash password locally
  const passwordHash = await sha256(password);
```
```python
#!/usr/bin/env python3
"""
Zero-Knowledge Authentication Server
Implements ZK-SNARK based password-less authentication
"""
from fastapi import FastAPI, HTTPException
from pydantic import BaseModel
from typing import Dict
import hashlib
```
```
# Hybrid SIEM Configuration: Wazuh + Graylog Integration
# Architecture: Wazuh handles threat detection, Graylog handles log aggregation
# Integration: Wazuh alerts forwarded to Graylog for unified dashboard
# Wazuh Configuration (/var/ossec/etc/ossec.conf)
# Add Graylog syslog output
<ossec_config>
  <syslog_output>
    <server>graylog-server</server>
```
```python
#!/usr/bin/env python3
"""
SIEM Automation Scripts - Wazuh and Graylog Integration
"""
import requests
from requests.auth import HTTPBasicAuth
import json

class WazuhAPI:
```
```yaml
# Wazuh Docker Compose Deployment
version: '3.8'
services:
  wazuh-manager:
    image: wazuh/wazuh-manager:4.9.0
    hostname: wazuh-manager
    restart: always
    ports:
      - "1514:1514"
```
```json
{
  "dashboard": {
    "title": "Vulnerability Scanner - Homelab",
    "panels": [
      {
        "title": "Total Vulnerabilities by Severity",
        "type": "graph",
        "targets": [
          {
            "expr": "vulns_total{severity=\"critical\"}",
```