Skip to content

Instantly share code, notes, and snippets.

Avatar

Blake Jakopovic blakejakopovic

View GitHub Profile
View Get-MS17010.ps1
<#
.Synopsis
Scans a host or network for the MS17-010 vulnerability and output results as a
table that you can pipe to other PowerShell functions such as Invoke-Command or
Export-CSV.
.DESCRIPTION
This script will use a custom NMap NSE script to scan a destination host on
port 445 for the MS17-010 vulnerability. If the host is not online or is blocking
@Neo23x0
Neo23x0 / wannacry-vaccine.reg
Last active Mar 15, 2021
WannaCrypt Ransomware Immunisation
View wannacry-vaccine.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskdl.exe]
"Debugger"="taskkill /F /IM "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskse.exe]
"Debugger"="taskkill /F /IM "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wannacry.exe]
"Debugger"="taskkill /F /IM "
View Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@mattmcnabb
mattmcnabb / Test-ADStaffAttributes.ps1
Last active Feb 11, 2018
Line-Of-BusinessTesting
View Test-ADStaffAttributes.ps1
function Test-ADStaffAttributes {
[CmdletBinding()]
param
(
[Parameter(Mandatory = $true)]
[Microsoft.ActiveDirectory.Management.ADUser]
$Identity,
[switch]
$Quiet
@ranieuwe
ranieuwe / grab-azure-docs.sh
Last active Mar 28, 2020
Grabs a PDF copy of all Azure docs
View grab-azure-docs.sh
for row in $(curl https://api.github.com/repositories/72685026/contents/articles | jq -c -r '.[] | select(.type | contains("dir")) | "\(.name)"'); do wget -O "${row}.pdf" "https://docs.microsoft.com/en-us/azure/opbuildpdf/${row}/toc.pdf?branch=live"; done
@barbietunnie
barbietunnie / udemy-courses-download-using-cookies.md
Last active Nov 24, 2021
Downloading Udemy videos with youtube-dl
View udemy-courses-download-using-cookies.md

How to download your Udemy course videos using youtube-dl

$ youtube-dl --list-extractors | grep udemy

Steps

  1. Get link to the course to download. e.g. https://www.udemy.com/course-name/
  2. Login into udemy website, save the cookie from chrome using Chrome (Cookie.txt)[1] export extension. Save it to file udemy-cookies.txt
  3. Get the link of the video that you want to download. usually in format. Use the command provided below where you have to replace the {course_link} and {path_to_cookies_file} with respective paths.
$ youtube-dl {course_link} --cookies {path_to_cookies_file}
@leonardofed
leonardofed / README.md
Last active Nov 27, 2021
A curated list of AWS resources to prepare for the AWS Certifications
View README.md


A curated list of AWS resources to prepare for the AWS Certifications

A curated list of awesome AWS resources you need to prepare for the all 5 AWS Certifications. This gist will include: open source repos, blogs & blogposts, ebooks, PDF, whitepapers, video courses, free lecture, slides, sample test and many other resources.


View bitcoin-paper-errata-and-details.md

A description of known problems in Satoshi Nakamoto's paper, "Bitcoin: A Peer-to-Peer Electronic Cash System", as well as notes on terminology changes and how Bitcoin's implementation differs from that described in the paper.

Abstract

The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power.

@gbaman
gbaman / HowToOTGFast.md
Last active Nov 25, 2021
Simple guide for setting up OTG modes on the Raspberry Pi Zero, the fast way!
View HowToOTGFast.md

Setting up Pi Zero OTG - The quick way (No USB keyboard, mouse, HDMI monitor needed)

More details - http://blog.gbaman.info/?p=791

For this method, alongside your Pi Zero, MicroUSB cable and MicroSD card, only an additional computer is required, which can be running Windows (with Bonjour, iTunes or Quicktime installed), Mac OS or Linux (with Avahi Daemon installed, for example Ubuntu has it built in).
1. Flash Raspbian Jessie full or Raspbian Jessie Lite onto the SD card.
2. Once Raspbian is flashed, open up the boot partition (in Windows Explorer, Finder etc) and add to the bottom of the config.txt file dtoverlay=dwc2 on a new line, then save the file.
3. If using a recent release of Jessie (Dec 2016 onwards), then create a new file simply called ssh in the SD card as well. By default SSH i

@alirobe
alirobe / reclaimWindows10.ps1
Last active Nov 26, 2021
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
View reclaimWindows10.ps1
##########
# Tweaked Win10 Initial Setup Script
# Primary Author: Disassembler <disassembler@dasm.cz>
# Modified by: alirobe <alirobe@alirobe.com> based on my personal preferences.
# Version: 2.20.2, 2018-09-14
# Primary Author Source: https://github.com/Disassembler0/Win10-Initial-Setup-Script
# Tweaked Source: https://gist.github.com/alirobe/7f3b34ad89a159e6daa1/
# Tweak difference:
#
# @alirobe's version is a subset focused on safely disabling telemetry, some 'smart' features and 3rd party bloat ...