cquresphere
dstreefkerk
/ Create-MitigationFirewallRules.ps1
Last active
February 22, 2024 18:18
A script to automatically generate Windows Firewall with Advanced Security outbound rules to prevent malware from being able to dial home.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Requires -Version 5 -Module NetSecurity -RunAsAdministrator | |
| <# | |
| .SYNOPSIS | |
| Create-MitigationFirewallRules - Creates Windows Firewall rules to mitigate certain app whitelisting bypasses and to prevent command interpreters from accessing the Internet | |
| .DESCRIPTION | |
| A script to automatically generate Windows Firewall with Advanced Security outbound rules | |
| to prevent malware from being able to dial home. | |
| These programs will only be allowed to communicate to IP addresses within the private IPv4 RFC1918 ranges: |
woehrl01
/ Get-FileMetaData.psm1
Last active
December 21, 2023 19:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # based on https://gallery.technet.microsoft.com/scriptcenter/Get-FileMetaData-3a7ddea7 | |
| function Get-FileMetaData | |
| { | |
| <# | |
| .SYNOPSIS | |
| Get-FileMetaData returns metadata information about a single file. | |
| .DESCRIPTION | |
| This function will return all metadata information about a specific file. It can be used to access the information stored in the filesystem. |