Skip to content

Instantly share code, notes, and snippets.

View codingoutloud's full-sized avatar

Bill Wilder codingoutloud

29 followers · 13 following
View GitHub Profile
@codingoutloud
codingoutloud / RandomTokenGenerator.cs
Created December 4, 2012 04:14
Generate a random string that is URL safe.
using System;
using System.Security.Cryptography;
using System.Web;
namespace DevPartners
{
// author: Bill Wilder, @codingoutloud
// original: https://gist.github.com/4200537
public static class RandomTokenGenerator
{
@codingoutloud
codingoutloud / mimikatz-lab-helpers.txt
Last active December 16, 2023 15:43
Windows Server 2016 lab
# For educational purposes only
## STEP 0 - Create a Windows VM in the cloud, such as a Windows 2016 Server in Azure, with RDP enabled
Log in via RDP
Open PowerShell as Administrator
if you want to download local PowerShell help to poke around:
Get-Help curl
@codingoutloud
codingoutloud / who-vm.sh
Created November 26, 2023 19:14
Azure CLI wrapped for seeing who created a VM or reset the password. Uses only Activity Log (control plane) logs.
#!/bin/bash
rgName=qu-rg
# comment out setting of the VM name to instead use the resource group (more results may be returned)
# you can also change the VM name here to focus on a different VM
###vmName=qu-sam-vm
if [ -z "${vmName}" ]; then
# if vmName is not set, use the resource group
@codingoutloud
codingoutloud / make-keys.bat
Last active August 3, 2023 19:05
Handy OpenSSL command-line combinations I've used - they might've been hard to find or come up with, so capturing them here.
@echo off
if _%1_==__ goto USAGE
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem -subj "/CN=My Cert Name"
openssl pkcs12 -export -out mycert.pfx -inkey mycert.pem -in mycert.pem -passout pass:%1
openssl x509 -inform pem -in mycert.pem -outform der -out mycert.cer
openssl pkcs12 -in mycert.pfx -nodes -passin pass:%1 | openssl x509 -noout -fingerprint
openssl x509 -in mycert.pem -noout -fingerprint
@codingoutloud
codingoutloud / show-resourcegroup-contents.sh
Last active July 20, 2023 10:46
Using Azure CLI 2, show all the resources in a resource group
#/bin/bash
if [ $1 ]
then
echo "Resources in Azure Resource Group $1"
az resource list --query "[?resourceGroup=='$1'].{ name: name, flavor: kind, resourceType: type, region: location }" --output table
else
echo "usage: $0 [name-of-azure-resource-group]"
fi
@codingoutloud
codingoutloud / windows-azure-certs.txt
Created November 3, 2012 03:27
Dump of Windows Azure Certificates from a Web Role instance (output is from https://gist.github.com/4005661)
Store Location: CurrentUser
Store Location/Store Name: CurrentUser/AddressBook
Store Location/Store Name: CurrentUser/AuthRoot
Certificate (some fields): for OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP - has private key False by OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP
Certificate (some fields): for CN=D-TRUST Root Class 3 CA 2007, O=D-Trust GmbH, C=DE - has private key False by CN=D-TRUST Root Class 3 CA 2007, O=D-Trust GmbH, C=DE
Certificate (some fields): for OU=certSIGN ROOT CA, O=certSIGN, C=RO - has private key False by OU=certSIGN ROOT CA, O=certSIGN, C=RO
Certificate (some fields): for E=scr@registradores.org, STREET=Principe de Vergara 72 28006 Madrid, CN=Certificado de la Clave Principal, OU=Certificado Raiz, OU=Certificado Propio, O=Servicio de Certificacion del Colegio de Registradores (SCR), C=es - has private key False by E=scr@registradores.org, STREET=Principe de Vergara 72 28006 Madrid, CN=Certificado de la Clave Principal,
@codingoutloud
codingoutloud / puml.sh
Created July 7, 2022 13:48
#!/bin/bash
# Mostly this script exists to simply make it possible/simple to do "puml.sh foo.puml" to create "foo.png" from command line.
#
# If you want it even simpler - "puml foo.puml" (no ".sh" extension) consider using an alias.
# Here is example for .bash_profile:
# alias puml=~/bin/puml.sh
for ARG in "$@"
do
if [ "$ARG" = "v" ]; then
@codingoutloud
codingoutloud / azipcheck.sh
Created November 21, 2021 01:24
#!/bin/bash
if [ $# -eq 1 ]; then
IP="$1"
## NEED AN AZURE MAP API KEY
## Create an Azure Map account in the Azure portal to get a new APIKEY.
AZUREMAP_APIKEY='...'
## Azure Map API to look up the COUNTRY (two-char ISO) of the IP
@codingoutloud
codingoutloud / azure-activity-log-security.json
Created November 21, 2021 01:21
<!--
Actual activity-log entry, redacted (...) and anonymized.
category = "Security"
level = "Informational"
The threatName and threatID values under properties match this:
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3AScript%2FConteban.A!ml&threatid=2147735508
-->
{
@codingoutloud
codingoutloud / basicauthwithtoken.ps1
Created October 17, 2013 22:15
Use PowerShell to call HTTP Endpoint using Basic Auth when you already have a Basic Auth token in hand (not username + password). http://en.wikipedia.org/wiki/Basic_access_authentication
## Example explorers hitting a web endpoint with Basic Auth, when you already have a token in hand
$key = "sk_test_mkGsLqEW6SLnZa487HYfJVLf"
$url = "https://api.stripe.com/v1/charges"
# this will work, but the flow in Basic Auth will first ask you for a password to go with the
# value passed in, which serves as the username. You hit enter because the password is null.
# Then the response comes back... BUT - this also involved a round-trip to the server (which
# returns a 401, but also a Response header indicating that is speaks Basic Auth:
# Www-Authenticate: Basic realm="Stripe"