NicholasLeader
NicholasLeader
/ PowerShell_API_JSON_example.ps1
Created
May 15, 2016 23:38
PowerShell API JSON example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Nicholas Leader | |
| 05/15/2016 | |
| Example of using the api.ipify.org API in the JSON format | |
| Optional text version of the API would be more straight forward, | |
| this demonstrating some manual parsing of the JSON format. | |
| JSON format can also be converted to a PowerSHell object via 'convertFrom-Json' cmdlet: | |
| (Invoke-WebRequest -URI https://api.ipify.org?format=json) | ConvertFrom-Json | Select-Object |
NicholasLeader
/ PowerShell_dot_NET_example.ps1
Created
May 16, 2016 18:30
PowerShell .NET example using inline .NET
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Nicholas Leader | |
| 05/16/2016 | |
| Quick example .NET | |
| This is one of the things that makes PowerShell extensible - you can do inline .NET | |
| Reference: https://blogs.technet.microsoft.com/heyscriptingguy/2010/10/26/learn-how-to-use-net-framework-commands-inside-windows-powershell/ | |
| #> |
NicholasLeader
/ PowerShell_function_with_input_validation.ps1
Created
May 16, 2016 19:43
PowerShell Function Example with input validation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Nicholas Leader | |
| 05/16/2016 | |
| Simple function example | |
| In this example I'm showing how input to the function can be validated | |
| After running this script a 'Test-name' function will be available, which accepts an argument or parameter | |
| Reference: http://mikefrobbins.com/2015/03/31/powershell-advanced-functions-can-we-build-them-better-with-parameter-validation-yes-we-can/ |
NicholasLeader
/ PowerShell_Parsing_EventLog_Example.ps1
Created
May 18, 2016 21:58
PowerShell example of parsing Windows Event log, doing admin detection, as well as writing to log file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Nicholas Leader | |
| 05/18/2016 | |
| Example of parsing of a Windows Event log, then writing to the host and a log file if a certain eventID detected | |
| #> | |
| ## requires section Reference: http://serverfault.com/a/676573/355259 |
NicholasLeader
/ PowerShell_AWS_IAM_user_audit_example.ps1
Created
May 19, 2016 01:12
PowerShell AWS IAM user audit example using Amazon's PowerShell Module
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Nicholas Leader | |
| 05/18/2016 | |
| Example of using the 'AWS Tools For Windows PowerShell' : http://docs.aws.amazon.com/powershell/latest/userguide/pstools-welcome.html | |
| In this example I'm doing a very simple audit to see which users (IAM users) were created in the last week. | |
| This script requires AWS Tools to be installed locally. Amazon has an MSI on their website. |
NicholasLeader
/ DataFiltering.PS1
Created
December 4, 2018 21:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# Nicholas Leader 2018 | |
| Custom filter on the AV agent report | |
| make sure file in CSV format | |
| 12.03.2018 - made the date filtering more extensible (not hard coded), grabs last 3 calender months with current month | |
| #> | |
| $filePath = "Example_file_path.csv" | |
| ### formats the dates to similar formats as what's contained in the spreasheet |
NicholasLeader
/ Compare_objects_return_all_properties.ps1
Last active
February 6, 2019 21:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Nicholas Leader | |
| 09.08.2018 | |
| Merging 2 sets of data with compare-object lookup. | |
| List of servers and adding columns to the CSV from a AV CSV | |
| This script returns *all* data elements from both CSVs, rather than just from 1 CSV with compare-object | |
| #> | |
| #date stamp in string |
NicholasLeader
/ HTTP_Security_header_check.ps1
Created
August 9, 2019 23:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| # Nicholas Leader | |
| # 8.9.2019 | |
| # Check for the presence of HTTP Security headers - CSP or Content-Security-Policy in this example | |
| # | |
| # Dictionary calling idea from: https://stackoverflow.com/questions/39090323/how-to-check-if-response-header-contains-certain-headers-powershell | |
| # | |
| ### | |
| ### set Connection to use TLS 1.2 |
NicholasLeader
/ HTTP_Security_Header_check_Python_AWS_Lamda_PoC.py
Created
August 15, 2019 18:54
This Python AWS Lamda function, returns True / False if a given AWS API query parameter (URL) has an HTTP security CSP header present
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Nicholas Leader | |
| ### Python PoC given AWS API query parameter of URL, return if HTTP security header CSP policy is present | |
| ### Written as AWS Lamda (serverless) function | |
| ### 8.14.2019 | |
| ### | |
| import json | |
| def lambda_handler(event, context): | |
| import urllib.request | |
| input = event["queryStringParameters"]['URL'] |
NicholasLeader
/ SSL_TLS_cert_CN_pull_via_NMAP.ps1
Last active
September 3, 2019 12:47
PowerShell PoC to grab the 'CN' common name of the SSL/TLS cert of an IP - leveraging NMAP SSL-cert script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Nicholas Leader | |
| 9.3.2019 | |
| PowerShell PoC to grab the 'CN' common name of the SSL/TLS cert of an IP | |
| Script takes an array of IPs as input in the script, but could be modified to pull from a CSV, etc | |
| Script is leveraging 'Invoke-Command' to run an NMAP script | |
| Using 'Select-string' to pull the relevent line of the NMAP script output | |
| Requires: |
OlderNewer