Bonjour123
Bonjour123
/ ejabberd.yml
Created
January 3, 2020 10:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| ###' ejabberd configuration file | |
| ### | |
| ### The parameters used in this configuration file are explained at | |
| ### | |
| ### https://docs.ejabberd.im/admin/configuration | |
| ### | |
| ### The configuration file is written in YAML. | |
| ### ******************************************************* | |
| ### ******* !!! WARNING !!! ******* |
Bonjour123
/ getPermanentWMISubscriptionsForAllClasses.ps1
Last active
June 9, 2019 14:56
Getting all permanent WMI subscriptions for all classes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##########################Author: Bonjour123############################# | |
| # Althought really convenient, WMI permanent subscriptions can also # | |
| # be used by malwares. They usually are set to get events and trigger # | |
| # some actions (like downloading some scripts), thus allowing some # | |
| # persistance mechanisms. # | |
| # This script returns a list of all the permanent WMI subscriptions for # | |
| # all the different classes, allowing an overall view. # | |
| # More info: https://www.fireeye.com/blog/threat-research/2016/08/wmi_vs_wmi_monitor.html | |
| ######################################################################### | |
| $classes = get-wmiobject -namespace root\Subscription -list|select Name|Foreach-object {$_ -split "`r`n"} |