chadmando

step to run 1: npm install 2: npm install https://github.com/mapbox/node-sqlite3/tarball/master 3: node restapi.js

chadmando

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$uri = "https://urlscan.io/api/v1/scan/" 
$apikey = #insert secure method to retreive api key
$url = #insert suspect url here
$header = @{
  "API-Key" = $apikey
  }
  $body = @{
    "url"=$url

chadmando

# collect mailboxes that are not shared or resources
$users = Get-Mailbox | 
Where-Object {$_.IsShared -eq $False -and $_.IsResource -eq $False} |
Select-Object -ExpandProperty UserPrincipalName 

foreach ($user in $users){
    Write-Host $user -ForegroundColor green
    Get-MobileDevice -Mailbox $user |
    Select-Object -Property FriendlyName,DeviceUserAgent,DeviceAccessState, DeviceModel, Identity |
    Format-Table -AutoSize

chadmando

Option Explicit

Public Sub CreateEmail(ByVal strSubject As String, ByVal strBody As String, ByVal strRecipient As String)
   
   Dim obApp As Object
   Dim NewMail As Variant
  
    
   'initialize Outlook objects
    Set obApp = CreateObject("Outlook.Application")

chadmando

# modified from this blog post https://itluke.online/2018/11/27/how-to-display-firewall-rule-ports-with-powershell/
# Looks for Enabled, Inbound Rules that start with the letter "Q"

Get-netfirewallrule | 
    Where-Object {$_.Enabled -eq $True -and $_.DisplayName -like "Q*" -and $_.Direction -eq "Inbound"} |
    Select-Object -Property Name, 
        DisplayName,
        @{Name='Protocol';Expression={($_ | Get-NetFirewallPortFilter).Protocol}},
        @{Name='LocalPort';Expression={($_ | Get-NetFirewallPortFilter).Localport}},
        @{Name='RemotePort';Expression={($_ | Get-NetFirewallPortFilter).RemotePort}},

chadmando

Get-EXOMailbox -PropertySets Minimum, Hold | 
Where-Object {$_.RecipientTypeDetails -eq "UserMailbox" -and $_.LitigationHoldEnabled -eq $True} |
Set-Mailbox -LitigationHoldEnabled $False

chadmando

# First: Connect to Exchange Online using EXO V2

Get-ExoMailbox -RecipientTypeDetails Usermailbox |
Select-Object -Property Identity |
Get-EXOMailboxStatistics |
Select -Property DisplayName, TotalItemSize |
Sort-Object -Property TotalItemSize -Descending # |
# Out-File <path to file>

chadmando

# Get all Application Log Events that are "Error" level and 
# save to an xml file (deserialize) 

$filter = @{LogName="Application"; Level=2}

Get-WinEvent -Filterhashtable $filter |
Export-CliXml -Path "$ENV:USERPROFILE\application_errors.xml"

chadmando

# needs refinement to only print the names of processes with connnections to addresses other than localhost

Get-Process | ForEach-Object {Write-Host $_.Name; Get-NetTCPConnection -OwningProcess $_.Id -ErrorAction SilentlyContinue }

chadmando

#!/usr/bin/env python
import os
import urllib.parse 
from flask import Flask
from flask_sqlalchemy import SQLAlchemy



# Configure Database URI: 
params = urllib.parse.quote_plus("DRIVER={SQL Server};SERVER=sqlhost.database.windows.net;DATABASE=pythonSQL;UID=username@sqldb;PWD=password56789")