step to run 1: npm install 2: npm install https://github.com/mapbox/node-sqlite3/tarball/master 3: node restapi.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 | |
$uri = "https://urlscan.io/api/v1/scan/" | |
$apikey = #insert secure method to retreive api key | |
$url = #insert suspect url here | |
$header = @{ | |
"API-Key" = $apikey | |
} | |
$body = @{ | |
"url"=$url |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# collect mailboxes that are not shared or resources | |
$users = Get-Mailbox | | |
Where-Object {$_.IsShared -eq $False -and $_.IsResource -eq $False} | | |
Select-Object -ExpandProperty UserPrincipalName | |
foreach ($user in $users){ | |
Write-Host $user -ForegroundColor green | |
Get-MobileDevice -Mailbox $user | | |
Select-Object -Property FriendlyName,DeviceUserAgent,DeviceAccessState, DeviceModel, Identity | | |
Format-Table -AutoSize |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Option Explicit | |
Public Sub CreateEmail(ByVal strSubject As String, ByVal strBody As String, ByVal strRecipient As String) | |
Dim obApp As Object | |
Dim NewMail As Variant | |
'initialize Outlook objects | |
Set obApp = CreateObject("Outlook.Application") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# modified from this blog post https://itluke.online/2018/11/27/how-to-display-firewall-rule-ports-with-powershell/ | |
# Looks for Enabled, Inbound Rules that start with the letter "Q" | |
Get-netfirewallrule | | |
Where-Object {$_.Enabled -eq $True -and $_.DisplayName -like "Q*" -and $_.Direction -eq "Inbound"} | | |
Select-Object -Property Name, | |
DisplayName, | |
@{Name='Protocol';Expression={($_ | Get-NetFirewallPortFilter).Protocol}}, | |
@{Name='LocalPort';Expression={($_ | Get-NetFirewallPortFilter).Localport}}, | |
@{Name='RemotePort';Expression={($_ | Get-NetFirewallPortFilter).RemotePort}}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Get-EXOMailbox -PropertySets Minimum, Hold | | |
Where-Object {$_.RecipientTypeDetails -eq "UserMailbox" -and $_.LitigationHoldEnabled -eq $True} | | |
Set-Mailbox -LitigationHoldEnabled $False |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# First: Connect to Exchange Online using EXO V2 | |
Get-ExoMailbox -RecipientTypeDetails Usermailbox | | |
Select-Object -Property Identity | | |
Get-EXOMailboxStatistics | | |
Select -Property DisplayName, TotalItemSize | | |
Sort-Object -Property TotalItemSize -Descending # | | |
# Out-File <path to file> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Get all Application Log Events that are "Error" level and | |
# save to an xml file (deserialize) | |
$filter = @{LogName="Application"; Level=2} | |
Get-WinEvent -Filterhashtable $filter | | |
Export-CliXml -Path "$ENV:USERPROFILE\application_errors.xml" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# needs refinement to only print the names of processes with connnections to addresses other than localhost | |
Get-Process | ForEach-Object {Write-Host $_.Name; Get-NetTCPConnection -OwningProcess $_.Id -ErrorAction SilentlyContinue } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import os | |
import urllib.parse | |
from flask import Flask | |
from flask_sqlalchemy import SQLAlchemy | |
# Configure Database URI: | |
params = urllib.parse.quote_plus("DRIVER={SQL Server};SERVER=sqlhost.database.windows.net;DATABASE=pythonSQL;UID=username@sqldb;PWD=password56789") |
OlderNewer