Skip to content

Instantly share code, notes, and snippets.

View fbogner's full-sized avatar

Florian Bogner fbogner

13 followers · 0 following
View GitHub Profile
@fbogner
fbogner / check_login.ps1
Last active January 31, 2023 09:39
foreach($line in Get-Content .\users.txt) {
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$DS = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('domain')
$username = $line.Trim()
$password = $username.ToLower()
$success=$DS.ValidateCredentials($username, $password)
@fbogner
fbogner / Check-Egregor.ps1
Created December 7, 2020 21:12
$computername=$env:computername
$logfile="\\dc01\EgregorLog\$computername.csv"
$egregorDll="C:\Windows\egregor.dll"
#################################################################################################
# This is a small script to monitor/protect all domain joined systems from further Egregor activity.
# It was created during an incident by Florian Bogner, Bee IT Security (https://bee-itsecurity.at)
#
# As described by CyberReason (https://www.cybereason.com/blog/cybereason-vs-egregor-ransomware)
# Egregor uses a DLL for the actual encryption process. This script checks if the "client"-specific
@fbogner
fbogner / check_bitlocker.ps1
Created October 30, 2020 09:50
$ErrorActionPreference= 'silentlycontinue'
$ping = New-Object System.Net.NetworkInformation.Ping;
# Für alle Rechnernamen in der Textdatei rechner.txt
foreach($line in Get-Content .\rechner.txt) {
# Konvertiere Hostnamen in IP
$pc=$line.Trim()
$ip = ""
$ip = [System.Net.Dns]::GetHostAddresses($pc)
@fbogner
fbogner / IsFolderWritable.ps1
Created April 25, 2018 19:48
Recursively check if a folder is writable in Powershell
function IsFolderWritable ($test_folder, $verbose) {
if($verbose -eq $null)
{
$verbose = $false
}
# Check if folder is a folder
If (-Not (Test-Path $test_folder -pathType container)) {