PolarBearGod

## Get-BrowserData.ps1
function Get-BrowserData {
    <#
    .SYNOPSIS
      Dumps Browser Information
      Original Author: u/424f424f
      Modified by: 51Ev34S
      License: BSD 3-Clause
      Required Dependencies: None
      Optional Dependencies: None
    .DESCRIPTION

## DeepBlue.ps1
param ([string]$file = $env:file, [string]$log = $env:log)

function Main {
    $text = ""
    $minlength = 1000
    $regexes = Get-Content ".\regexes.txt" | Select-String '^[^#]' | ConvertFrom-Csv
    $whitelist = Get-Content ".\whitelist.txt" | Select-String '^[^#]' | ConvertFrom-Csv
    $logname = Check-Options $file $log
    $filter = Create-Filter $file $logname
    $maxfailedlogons = 5

## Create-RandomFiles.ps1
<#
.SYNOPSIS
	Generates a number of dumb files for a specific size.

.DESCRIPTION
	Generates a defined number of files until reaching a maximum size.

.PARAMETER TotalSize
	Specify the total size you would all the files combined should use on the harddrive.
	This parameter accepts the following size values (KB,MB,GB,TB).  MB is assumed if no designation is specified.

## Find-UnsecureWIFIConnection.ps1
Function Show-NotifyBalloon($Title, $Message)
{
    [system.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms') | Out-Null
    $Global:Balloon = New-Object System.Windows.Forms.NotifyIcon
    $Balloon.Icon = [System.Drawing.Icon]::ExtractAssociatedIcon((Get-Process -id $pid | Select-Object -ExpandProperty Path))
    $Balloon.BalloonTipIcon = 'Info'
    $Balloon.BalloonTipText = $Message
    $Balloon.BalloonTipTitle = $Title
    $Balloon.Visible = $true
    $Balloon.ShowBalloonTip(10000)

## Proofpoint_URLDefenseDecoder_3.py
#!/usr/bin/env python
#Stolen from https://help.proofpoint.com/Threat_Insight_Dashboard/Concepts/How_do_I_decode_a_rewritten_URL%3F
__author__ = 'Eric Van Cleve'
__copyright__ = 'Copyright 2019, Proofpoint Inc'
__license__ = 'GPL v.3'
__version__ = '3.0.1'
__email__ = 'evancleve@proofpoint.com'
__status__ = 'Production'


## proxy-test
#    This file is a proxy test file. If you are reading this content after performing a "git clone",
#    it means your proxy is configured correctly.

## Monitoring_Rogue_DHCP_Servers.ps1
# Content found on https://www.cyberdrain.com/monitoring-with-powershell-monitoring-rogue-dhcp-servers/
# The script will download CyberShadow’s DHCP test client for you, run 3 discoveries and compare the results with the server you’ve given as “Allowed”.
# It is based off the following code - https://github.com/CyberShadow/dhcptest

#Replace the DHCP Server IP below to the trusted assigned DHCP Server's IP
$AllowedDHCPServer = "192.168.15.1"

#Replace the Download URL to where you've uploaded the DHCPTest file yourself. We will only download this file once.
$DownloadURL = "https://cyberdrain.com/wp-content/uploads/2020/04/dhcptest-0.7-win64.exe"
$DownloadLocation = "$($Env:ProgramData)\DHCPTest"

## List-RecycleBin.ps1
  (New-Object -ComObject Shell.Application).NameSpace(0x0a).Items() | select @{n="OriginalLocation"; e={$_.ExtendedProperty("{9B174B33-40FF-11D2-A27E-00C04FC30871} 2")}},Name

## find-extension.ps1
get-childitem c:\ -recurse | where {$_.extension -eq “.exe”} | export-csv -notypeinformation “c:\users\admin\desktop\executables.csv”

## Export-shimcache.cmd
reg export “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCompatCache” c:\shim.reg
	function Get-BrowserData {
	<#
	.SYNOPSIS
	Dumps Browser Information
	Original Author: u/424f424f
	Modified by: 51Ev34S
	License: BSD 3-Clause
	Required Dependencies: None
	Optional Dependencies: None
	.DESCRIPTION
	param ([string]$file = $env:file, [string]$log = $env:log)

	function Main {
	$text = ""
	$minlength = 1000
	$regexes = Get-Content ".\regexes.txt" \| Select-String '^[^#]' \| ConvertFrom-Csv
	$whitelist = Get-Content ".\whitelist.txt" \| Select-String '^[^#]' \| ConvertFrom-Csv
	$logname = Check-Options $file $log
	$filter = Create-Filter $file $logname
	$maxfailedlogons = 5
	<#
	.SYNOPSIS
	Generates a number of dumb files for a specific size.

	.DESCRIPTION
	Generates a defined number of files until reaching a maximum size.

	.PARAMETER TotalSize
	Specify the total size you would all the files combined should use on the harddrive.
	This parameter accepts the following size values (KB,MB,GB,TB). MB is assumed if no designation is specified.
	Function Show-NotifyBalloon($Title, $Message)
	{
	[system.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms') \| Out-Null
	$Global:Balloon = New-Object System.Windows.Forms.NotifyIcon
	$Balloon.Icon = [System.Drawing.Icon]::ExtractAssociatedIcon((Get-Process -id $pid \| Select-Object -ExpandProperty Path))
	$Balloon.BalloonTipIcon = 'Info'
	$Balloon.BalloonTipText = $Message
	$Balloon.BalloonTipTitle = $Title
	$Balloon.Visible = $true
	$Balloon.ShowBalloonTip(10000)
	#!/usr/bin/env python
	#Stolen from https://help.proofpoint.com/Threat_Insight_Dashboard/Concepts/How_do_I_decode_a_rewritten_URL%3F
	__author__ = 'Eric Van Cleve'
	__copyright__ = 'Copyright 2019, Proofpoint Inc'
	__license__ = 'GPL v.3'
	__version__ = '3.0.1'
	__email__ = 'evancleve@proofpoint.com'
	__status__ = 'Production'
	# This file is a proxy test file. If you are reading this content after performing a "git clone",
	# it means your proxy is configured correctly.
	# Content found on https://www.cyberdrain.com/monitoring-with-powershell-monitoring-rogue-dhcp-servers/
	# The script will download CyberShadow’s DHCP test client for you, run 3 discoveries and compare the results with the server you’ve given as “Allowed”.
	# It is based off the following code - https://github.com/CyberShadow/dhcptest

	#Replace the DHCP Server IP below to the trusted assigned DHCP Server's IP
	$AllowedDHCPServer = "192.168.15.1"

	#Replace the Download URL to where you've uploaded the DHCPTest file yourself. We will only download this file once.
	$DownloadURL = "https://cyberdrain.com/wp-content/uploads/2020/04/dhcptest-0.7-win64.exe"
	$DownloadLocation = "$($Env:ProgramData)\DHCPTest"