Skip to content

Instantly share code, notes, and snippets.


Scott Hoag ciphertxt

View GitHub Profile
ciphertxt /
Created Jul 13, 2022
Opens a specific Microsoft Edge profile by name on macOS
# Navigate to the profiles directory
cd ~/Library/Application\ Support/Microsoft\ Edge
# List out the profile directories. Note that the directory name is what is used in the launch command, *not* necessarily the friendly name of the profile you see in Microsoft
find ./ -type f -name Preferences
# Let's say "Profile 1" is one of our directories
"/Applications/Microsoft Edge" --profile-directory="Profile 1"
# Sync parent folder and subfolders recursively
rsync -avP Takeout/Google\ Photos/ /Volumes/Multimedia/Pictures/Google\ Photos
# Exclude json files and consolidate into a flat folder
rsync -avP --exclude='*.json' Takeout/Google\ Photos/*/ organize/datefix
ciphertxt /
Last active Jun 17, 2022
exiftool shortcuts
# Read time metadata
exiftool -a -G1 -s -time:all *.JPG
# Update time metadata
# ModifyDate
exiftool -overwrite_original -d "%Y:%m:%d %H:%M:%S" -v "-AllDates<ModifyDate" "-FileModifyDate<ModifyDate" *.JPG
# DateTimeOriginal
exiftool -overwrite_original -d "%Y:%m:%d %H:%M:%S" -v "-AllDates<DateTimeOriginal" "-FileModifyDate<DateTimeOriginal" *.JPG
View gist:9ca037353256941e528f668beb40bfc1
Bordertown (Finnish)
Trapped (icelandic)
The Bureau (French)
Deutschland 83
Young Wallenberg
Detective Montalbano
for youtube_uri in "$@"
echo "Downloading video $i: $youtube_uri";
i=$((i + 1));
yt-dlp -f 'bestvideo[ext=mp4]+bestaudio[ext=m4a]/bestvideo+bestaudio/best[ext=mp4]/best' --merge-output-format mp4 "$youtube_uri" --add-metadata --embed-thumbnail
View metrics.ps1
## Monitor Azure Storage
## Azure Monitor Metrics Overview
## Azure Storage monitoring data reference
## Azure Monitoring REST API walkthrough
ciphertxt / Get-AzResourcesSupportingPolicies.ps1
Last active Jul 14, 2020
Enumerates resources in a subscription and finds diagnostic settings for resources that support them
View Get-AzResourcesSupportingPolicies.ps1
$currentContext = Get-AzContext
$currentSub = $(Get-AzContext).Subscription.Name
$token = $currentContext.TokenCache.ReadItems() | Where-Object {$_.tenantid -eq $currentContext.Tenant.Id}
$GetScanDetails = @{
Headers = @{
Authorization = "Bearer $($token.AccessToken)"
'Content-Type' = 'application/json'
Method = 'Get'
ciphertxt / GetGrantedOATHPerms.ps1
Last active Jul 14, 2020
Spot check Granted OATH permissions. Attackers are utilizing malicious OATH grants for persistence.
View GetGrantedOATHPerms.ps1
Get-AzureADServicePrincipal `
-Filter "serviceprincipaltype eq 'Application'" -All $true -PipelineVariable sp `
| Get-AzureADServicePrincipalOAuth2PermissionGrant `
-top 1 `
| select @{N="SPDisplayname";E={$sp.displayname}}, @{N="SPObjectid";E={$sp.objectid}}, consenttype, scope
ciphertxt /
Created Jul 13, 2020
Find all Service Principals with credentials expiring in the next 60 days
az ad sp list \
--all \
--query "[?passwordCredentials[0].endDate<='$(date -d "+60 days" +%Y-%m-%d)'||keyCredentials[0].endDate<='$(date -d "+60 days" +%Y-%m-%d)'].{\"App ID Display Name\":appDisplayName,\"SP appId\":appId,\"Password Expiry Date\":passwordCredentials[0].endDate, \"Key Expiry Date\":keyCredentials[0].endDate}" \
-o table