Skip to content

Instantly share code, notes, and snippets.

@JPMinty
JPMinty / Get-InjectedThread.ps1
Created April 17, 2020 09:07 — forked from jaredcatkinson/Get-InjectedThread.ps1
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
function Get-InjectedThread
{
<#
.SYNOPSIS
Looks for threads that were created as a result of code injection.
.DESCRIPTION
filter Get-PEFeature {
<#
.SYNOPSIS
Retrieves key features from PE files that can be used to build detections.
.DESCRIPTION
Get-PEFeature extracts key features of PE files that are relevant to building detections.
@JPMinty
JPMinty / Get-ProcessTree.ps1
Last active February 3, 2022 10:18 — forked from atifaziz/Get-ProcessTree.ps1
PowerShell 2.0 script to get processes tree
# Modified to include support for CommandLine, File Hashes, File Paths, Signing Certificates
# Copyright (c) 2020 Jai Minton. All rights reserved.
# Copyright (c) 2014 Atif Aziz. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
@JPMinty
JPMinty / get_ippsec_details.py
Created July 10, 2019 23:24 — forked from sminez/get_ippsec_details.py
Find examples of pen testing methods and tools in videos by Ippsec (as of 26th June 2019)
#!/usr/bin/env python3
"""
Script used to pull down the current video descriptions from ippsec's youtube channel.
The raw output still has a few HTML tags that need to be manually removed and there
also seem to be multiple duplicates of videos that have been removed in the output
saved as ippsec-details.txt
"""
import re
import sys