Skip to content

Instantly share code, notes, and snippets.

githubfoam / fortigate waf cheat sheet
Last active November 1, 2023 07:22
fortigate waf cheat sheet
View fortigate waf cheat sheet
Enable the web application firewall
Enable the web application firewall:
Go to System > Feature Visibility.
Under Security Features, enable Web Application Firewall.
Click Apply.
The web application firewall feature is only available when the policy inspection mode is proxy-based.
githubfoam / apache cheat sheet
Last active September 25, 2023 12:57
apache cheat sheet
View apache cheat sheet
#apache 2.4.10 on windows server 2012 data center.
#The -ALL option disables all SSL/TLS protocols initially.
#The +TLSv1.2 and +TLSv1.3 options then selectively enable the TLS 1.2 and TLS 1.3 protocols.
SSLProtocol -ALL +TLSv1.2 +TLSv1.3
#this configuration directly specifies that Apache should use TLS 1.2 and TLS 1.3 for secure communications.
#It doesn't explicitly disable any other SSL or TLS versions, but it indicates the preferred versions.
githubfoam / IIS cheat sheet
Last active September 19, 2023 07:39
IIS cheat sheet
View IIS cheat sheet
reset IIS without having to reboot the whole server
To check if IIS (Internet Information Services) is running on a Windows Server 2019 Standard server, you can use several methods, including the graphical user interface (GUI) and command-line tools. Here are two common methods:
Method 1: Using the GUI (Server Manager)
Log In: Log in to the Windows Server 2019 Standard using an account with administrative privileges.
githubfoam / ansible networking cheat sheet
Last active August 25, 2023 11:18
ansible networking cheat sheet
View ansible networking cheat sheet
Ansible uses the following connection types for connecting to network devices:
Network CLI: This is the default connection type for network devices. It uses the SSH protocol to connect to the device and execute commands on the CLI. The ansible.netcommon.network_cli connection plugin is used for this type of connection.
For example, to connect to a Cisco device using the network CLI, you would use the following inventory entry:
host: cisco_device
githubfoam / windows 11 cheat sheet
Last active October 14, 2023 09:24
windows 11 cheat sheet
View windows 11 cheat sheet
here are the steps on how to edit rules in Outlook Microsoft 365 Apps for Enterprise:
Open Outlook.
Click the File tab.
Click Manage Rules & Alerts.
In the Rules dialog box, select the rule that you want to edit.
Click the Edit button.
In the Edit Rule dialog box, make the changes that you want to the rule.
Click the OK button.
githubfoam / dell switch S404 8cheat sheet
Last active August 10, 2023 10:33
dell switch S4048 cheat sheet
View dell switch S404 8cheat sheet
show version
show os-version
#save the configuration on a Dell S4048 switch and ensure that it's not lost after a reboot
githubfoam / fortigate - HA mode cheat sheet
Last active November 27, 2023 06:53
fortigate - HA mode cheat sheet
View fortigate - HA mode cheat sheet
#how to power off fortigate cluster
#unplug the power cables as there is no power buttons
shut down first the secondary(backup unit)
Unit-1 # execute ha manage 1 {To switch to the backup unit}
Unit-2 $ {Now on the backup unit}
Unit-2 $ execute shutdown {To shut down the backup unit}
This operation will shutdown the system !
Do you want to continue? (y/n)y
githubfoam / ubuntu forensics cheat sheet
Last active November 28, 2023 12:35
ubuntu forensics cheat sheet
View ubuntu forensics cheat sheet
Determining the precise date and time when ClamAV was installed on an Ubuntu Linux system might require a bit of sleuthing, as Linux doesn't typically log installation timestamps by default. However, you can use system logs and package manager records to get an idea of when ClamAV was installed:
Method 1: Checking Package Installation Logs
APT Logs:
Look into the /var/log/apt/history.log* files. These logs contain historical information about package installations and updates.
zgrep "clamav" /var/log/apt/history.log*
githubfoam / Investigation Path - command and control (C2 or C&C)
Last active July 20, 2023 19:08
Investigation Path - command and control (C2 or C&C)
View Investigation Path - command and control (C2 or C&C)
Command and Control consists of techniques that adversaries may use to communicate with systems under their control within a victim network. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection. There are many ways an adversary can establish command and control with various levels of stealth depending on the victim’s network structure and defenses
As an incident response security engineer detecting a command and control (C2/C&C) attack on a host, you can use the MITRE ATT&CK Navigator as a helpful tool to aid in your incident response efforts. The MITRE ATT&CK Navigator is a web-based tool that allows you to visualize and track adversary techniques, tactics, and procedures in real-time. Here's how you
githubfoam / threat hunting cheat sheet
Last active July 27, 2023 06:46
threat hunting cheat sheet
View threat hunting cheat sheet
To schedule a PowerShell script to run at regular intervals in Windows, you can use the schtasks command. The schtasks command allows you to create, modify, delete, or view scheduled tasks on the local or remote computer. Here's how you can use it to schedule a PowerShell script:
Example: Schedule PowerShell Script to Run Daily
Let's say you have a PowerShell script named MyScript.ps1 located in C:\Scripts that you want to run daily at 10:00 AM. Here's how you can schedule it using schtasks:
Open Command Prompt or PowerShell as an administrator.