View eversec_boxstarter_base.txt
Set-WindowsExplorerOptions -EnableShowHiddenFilesFoldersDrives -EnableShowProtectedOSFiles -EnableShowFileExtensions
Enable-RemoteDesktop
cinst git-credential-winstore
cinst console-devel
cinst sublimetext2
cinst poshgit
cinst vscode
cinst 7zip
@gabemarshall
gabemarshall / Dockerfile
Created Nov 19, 2020 — forked from Kirill89/Dockerfile
Prototype Pollution security vulnerability in minimist
View Dockerfile
FROM ubuntu:18.04
COPY ./app /app
RUN chmod u+s /app
RUN useradd -s /bin/bash just-user
USER just-user
@gabemarshall
gabemarshall / my.ahk
Created Nov 12, 2019
My Autohotkey config
View my.ahk
#IfWinActive, ahk_class CabinetWClass
#g::Send #f
#IfWinActive
:?*:%xss1::
Random, rand, 1, 99999
SendInput "<svg/onload=alert(%rand%)>
return
@gabemarshall
gabemarshall / zgrab.sh
Created Nov 7, 2019
Zgrab2 helper script to include the http(s) port in the output
View zgrab.sh
#!/bin/bash
#
# ex: ./zgrab.sh www.contoso.com 443
echo "$1" | zgrab2 http --retry-https --port "$2" | awk '{first=substr($0,1,1);gsub(/./,"{\"port\":'"$2"',",first);end=substr($0,2);print first end}'
@gabemarshall
gabemarshall / gitr_dump.rb
Last active Nov 4, 2019
Ruby script to search Github and dump a list of individual files as well as repos
View gitr_dump.rb
#!/usr/bin/env ruby
# gem install faraday && gem install tty-prompt
# export GITHUB_AUTH=[replace with Github API token]
# Ex: ruby gitr_dump.rb '"corp.contoso.com"'
require "faraday"
require "json"
require "csv"
require "rb-readline"
@gabemarshall
gabemarshall / win_vms.md
Last active Jul 14, 2020
Temporary Windows VMs
View win_vms.md

Retrieve List of Microsoft IE/Edge Trial VMs

(credit to https://twitter.com/jack_halon/status/1229467736759263233)

curl https://web.archive.org/cdx/search\?url\=az792536.vo.msecnd.net\&matchType\=prefix\&collapse\=urlkey\&output\=json\&fl\=original%2Cmimetype%2Ctimestamp%2Cendtimestamp%2Cgroupcount%2Cuniqcount\&filter\=\!statuscode%3A%5B45%5D |jq -r '.[][]'| grep -v -F '.txt'|grep -F '.zip'|sort -u
IE/Edge VMs

@gabemarshall
gabemarshall / install-miniconda.sh
Created Mar 26, 2019
miniconda installation for Ubuntu
View install-miniconda.sh
wget https://repo.continuum.io/miniconda/Miniconda3-latest-Linux-x86_64.sh
chmod +x Miniconda3-latest-Linux-x86_64.sh
./Miniconda3-latest-Linux-x86_64.sh
@gabemarshall
gabemarshall / reclaimWindows10.ps1
Last active Mar 15, 2019 — forked from alirobe/reclaimWindows10.ps1
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetry, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
View reclaimWindows10.ps1
##########
# Tweaked Win10 Initial Setup Script
# Primary Author: Disassembler <disassembler@dasm.cz>
# Modified by: alirobe <alirobe@alirobe.com> based on my personal preferences.
# Version: 2.20.2, 2018-09-14
# Primary Author Source: https://github.com/Disassembler0/Win10-Initial-Setup-Script
# Tweaked Source: https://gist.github.com/alirobe/7f3b34ad89a159e6daa1/
# Tweak difference:
#
# @alirobe's version is a subset focused on safely disabling telemetry, some 'smart' features and 3rd party bloat ...
@gabemarshall
gabemarshall / msigen.wix
Created Mar 12, 2019 — forked from xpn/msigen.wix
WIX file with embedded Powershell, which will be executed as SYSTEM
View msigen.wix
<?xml version="1.0"?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
<Product Id="*" UpgradeCode="12345678-1234-1234-1234-111111111111" Name="Example Product Name" Version="0.0.1" Manufacturer="@_xpn_" Language="1033">
<Package InstallerVersion="200" Compressed="yes" Comments="Windows Installer Package"/>
<Media Id="1" Cabinet="product.cab" EmbedCab="yes"/>
<Directory Id="TARGETDIR" Name="SourceDir">
<Directory Id="ProgramFilesFolder">
<Directory Id="INSTALLLOCATION" Name="Example">
<Component Id="ApplicationFiles" Guid="12345678-1234-1234-1234-222222222222">
@gabemarshall
gabemarshall / flare-install.ps1
Last active Jan 26, 2019
Modified version of the flare-vm installer to add a few additional installations
View flare-install.ps1
###########################################
#
# FLARE VM Installation Script
#
# To execute this script:
# 1) Open powershell window as administrator
# 2) Allow script execution by running command "Set-ExecutionPolicy Unrestricted"
# 3) Execute the script by running ".\install.ps1"
#
###########################################