JPMinty

@JPMinty
JPMinty / Get-InjectedThread.ps1
Created Apr 17, 2020 — forked from jaredcatkinson/Get-InjectedThread.ps1
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
View Get-InjectedThread.ps1
function Get-InjectedThread
{
<#
.SYNOPSIS
Looks for threads that were created as a result of code injection.
.DESCRIPTION
View GetPEFeature.ps1
filter Get-PEFeature {
<#
.SYNOPSIS
Retrieves key features from PE files that can be used to build detections.
.DESCRIPTION
Get-PEFeature extracts key features of PE files that are relevant to building detections.
@JPMinty
JPMinty / Get-ProcessTree.ps1
Last active Mar 25, 2020 — forked from atifaziz/Get-ProcessTree.ps1
PowerShell 2.0 script to get processes tree
View Get-ProcessTree.ps1
# Modified to include support for CommandLine, File Hashes, File Paths, Signing Certificates
# Copyright (c) 2020 Jai Minton. All rights reserved.
# Copyright (c) 2014 Atif Aziz. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
@JPMinty
JPMinty / get_ippsec_details.py
Created Jul 10, 2019 — forked from sminez/get_ippsec_details.py
Find examples of pen testing methods and tools in videos by Ippsec (as of 26th June 2019)
View get_ippsec_details.py
#!/usr/bin/env python3
"""
Script used to pull down the current video descriptions from ippsec's youtube channel.
The raw output still has a few HTML tags that need to be manually removed and there
also seem to be multiple duplicates of videos that have been removed in the output
saved as ippsec-details.txt
"""
import re
import sys
View key.asc