danzek
/ macoslogginqgsubsystems
Created
June 15, 2023 03:27
— forked from krypted/macoslogginqgsubsystems
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Logging(object): | |
| __name__ = 'logger.info(1)' | |
| plist = '/System/Library/Preferences/Logging/Subsystems/' | |
| def __init__(__name__, plist, *args, **kwargs): | |
| super(getLogger/, self).__init__() | |
| logger.info('Input parameters:\n' | |
| 'accessibility: "{com.apple.Accessibility.plist}"\n' |
danzek
/ FixAbsoluteHyperlinksInExcelToRelative.vba
Created
October 26, 2020 23:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Sub FixLinks() | |
| Dim wks As Worksheet | |
| Dim hl As Hyperlink | |
| Dim sOld As String | |
| Dim sNew As String | |
| Set wks = ActiveSheet | |
| sOld = "G:\MyOriginalFolderIWantToReplaceInPath\" | |
| sNew = ".\" | |
| For Each hl In wks.Hyperlinks | |
| hl.Address = Replace(hl.Address, sOld, sNew) |
danzek
/ rot13Reader.go
Created
October 25, 2020 05:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // solution to rot13Reader exercise in golang tour | |
| package main | |
| import ( | |
| "io" | |
| "os" | |
| "strings" | |
| ) |
danzek
/ fibonacci_closure.go
Created
October 23, 2020 04:32
Solution to Golang tour Fibonacci closure exercise
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // go tour fibonacci closure exercise solution | |
| // https://tour.golang.org/moretypes/26 | |
| package main | |
| import "fmt" | |
| // fibonacci is a function that returns | |
| // a function that returns an int. | |
| func fibonacci() func() int { |
danzek
/ deobfuscateClopResource.cpp
Created
April 1, 2019 22:39
decompiled / reverse-engineered Clop deobfuscation of SIXSIX1 resource code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| HINSTANCE LoadExecuteClearSystemsBatchFile() | |
| { | |
| HMODULE hModule; // eax | |
| HMODULE phModule; // ebx | |
| HRSRC hRsrcSIXSIX1; // eax | |
| HRSRC phRsrcSIXSIX1; // esi | |
| HGLOBAL hGlobalRsrcSIXSIX1; // eax | |
| const void *ResourceLock; // edi | |
| DWORD cbResourceSIXSIX1; // esi | |
| HGLOBAL hDecryptedResourceMemory; // ebx |
danzek
/ singly_linked_list.c
Last active
January 10, 2021 20:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * singly_linked_list.c | |
| * | |
| * Demo of singly-linked list using simplified Process struct | |
| * | |
| * I made this for the 2019 KPMG Lunch and Learn series entitled, | |
| * "A heuristic approach to coding in C on Windows" | |
| */ | |
| #include <stdio.h> |
danzek
/ Get-DesktopSearchData.ps1
Created
June 11, 2018 21:29
Gets data from Windows Desktop Search
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Gets data from Windows Desktop Search. | |
| .DESCRIPTION | |
| Uses Windows API (ADO) to get data from Windows Desktop Search JET (ESE) database. | |
| .NOTES | |
| File Name : Get-DesktopSearchData.ps1 | |
| Author : Dan O'Day - d@4n68r.com |
danzek
/ makeMetered.ps1
Created
April 3, 2018 09:00
Take ownership of key and make Ethernet connection a metered connection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS : PowerShell script to set Ethernet connection as metered or not metered | |
| .AUTHOR : Michael Pietroforte | |
| .SITE : https://4sysops.com | |
| #> | |
| # Retrieved from https://4sysops.com/archives/set-windows-10-ethernet-connection-to-metered-with-powershell/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """ | |
| Module containing class to parse and return formatted SID string given list of integers containing SID from byte array | |
| This was made for formatting the CreatorSID from the Microsoft Windows CIM (WMI) repository database in the standard | |
| Windows SID format ("S-1-5-21-<RID>-<RID>...). For instance, if using a script such as [`python-cim`](https://github.com/fireeye/flare-wmi/tree/master/python-cim) | |
| [filter-to-consumer bindings](https://github.com/fireeye/flare-wmi/blob/master/python-cim/samples/show_filtertoconsumerbindings.py), | |
| to extract CreatorSID using that script, you would add `'CreatorSID'` to the filter or consumer properties like so: | |
| filter_sid = filter.properties["CreatorSID"].value |
danzek
/ winlogon.reg
Created
February 11, 2018 20:48
— forked from anonymous/winlogon.reg
WinLogon Windows 7 x64 COM Hijack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00] | |
| @="AtomicRedTeam" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00\CLSID] | |
| @="{00000001-0000-0000-0000-0000FEEDACDC}" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam] | |
| @="AtomicRedTeam" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam\CLSID] | |
| @="{00000001-0000-0000-0000-0000FEEDACDC}" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}] |
NewerOlder