InvokeThreatGuy invokethreatguy
invokethreatguy
/ credentialGuard.ps1
Created
November 5, 2023 20:40
— forked from frayos/credentialGuard.ps1
Credential Guard checker Powershell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $DevGuard = Get-CimInstance –ClassName Win32_DeviceGuard –Namespace root\Microsoft\Windows\DeviceGuard | |
| if ($DevGuard.SecurityServicesConfigured -contains 1) {"Credential Guard configured"} | |
| if ($DevGuard.SecurityServicesRunning -contains 1) {"Credential Guard running"} | |
rqu1
/ checkmk.py
Last active
November 13, 2023 22:07
check if a PAN firewall is using the default master key when globalprotect is enabled
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from hashlib import md5, sha1 | |
| from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes | |
| from cryptography.hazmat.backends import default_backend | |
| from base64 import b64encode, b64decode | |
| import sys, time | |
| import requests | |
| DEFAULT_MASTERKEY=b'p1a2l3o4a5l6t7o8' | |
| class PanCrypt(): |
wdormann
/ privtasks.ps1
Last active
August 15, 2023 15:15
List privileged scheduled tasks that don't come with Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent()) | |
| if (-Not $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { | |
| Write-Warning "We don't have elevated privileges. The following results may not be complete." | |
| } | |
| schtasks /query /fo csv -v | ConvertFrom-Csv | ? {$_.Status -notlike "Disabled" -and $_.TaskName -notlike "\Microsoft\Windows\*" -and $_.TaskName -notlike "\Microsoft\Office\*" -and $_.TaskName -notlike "\Microsoft\XblGameSave\*" -and $_.TaskName -notlike "TaskName" -and ($_."Run As User" -like "*system" -or $_."Run As User" -like "Administrator*")} | fl taskname,"Comment","Task To Run","Run As User" |
FusRoDah061
/ ServiceInstaller.cs
Last active
January 13, 2024 16:54
Class for installing windows service on C#
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| using System; | |
| using System.Runtime.InteropServices; | |
| using System.Threading; | |
| */ | |
| /// <summary> | |
| /// <para> | |
| /// Sources: | |
| /// <para>https://stackoverflow.com/questions/358700/how-to-install-a-windows-service-programmatically-in-c </para> |