Skip to content

Instantly share code, notes, and snippets.

View izdiwho's full-sized avatar
🌟
I like starring things

Iz izdiwho

🌟
I like starring things
51 followers · 383 following
View GitHub Profile
@mackwage
mackwage / windows_hardening.cmd
Last active April 28, 2024 20:54
Script to perform some hardening of Windows OS
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:
@wdormann
wdormann / disable_win10_foistware.reg
Created January 2, 2018 23:15
Attempt at disabling Windows 10 automatic installation of 3rd-party foistware
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy]
"Disabled"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager]
"SubscribedContent-338388Enabled"=dword:00000000
@jhaddix
jhaddix / Testing_Checklist.md
Last active April 26, 2024 21:38 — forked from amotmot/WAHH_Task_Checklist.md
Fast Simple Appsec Testing Checklist
@mrik23
mrik23 / Test-LeakedPasswordHIBP.ps1
Last active August 3, 2022 20:28
PowerShell script to check password against leaked password database from https://haveibeenpwned.com/ using the Pwned Passwords V2 API. Only the first 5 characters of the password string hash is checked against the API (k-anonymity). More info on the HIBP API at https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/.
#requires -version 4
<#
.SYNOPSIS
Check password against leaked password database from https://haveibeenpwned.com/ using the Pwned Passwords V2 API https://api.pwnedpasswords.com/range/<hashPrefix>.
.DESCRIPTION
Only the first 5 characters of the password string hash is checked against the API (k-anonymity). The API returns a list of all passwords matching the hash prefix, then the script checks if the suffix is present or not.
@mattifestation
mattifestation / PowerShellDSCLateralMovement.ps1
Created March 4, 2018 23:24
# This idea originated from this blog post on Invoke DSC Resources directly:
# https://blogs.msdn.microsoft.com/powershell/2015/02/27/invoking-powershell-dsc-resources-directly/
<#
$MOFContents = @'
instance of MSFT_ScriptResource as $MSFT_ScriptResource1ref
{
ResourceID = "[Script]ScriptExample";
GetScript = "\"$(Get-Date): I am being GET\" | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";
TestScript = "\"$(Get-Date): I am being TESTED\" | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";
@jaredhaight
jaredhaight / Split-String.ps1
Last active November 7, 2018 14:17
PowerShell script to split a string into arbitrary sizes, formatting the string for use in C# or PowerShell
function Split-String {
param (
[Parameter(Mandatory = $true)]
[string]$String,
[int]$MinLength = 50,
[int]$MaxLength = 120,
[string]$VariableName = "data",
[ValidateSet("PowerShell", "CSharp")]
$Format = "PowerShell"
)
@dineshshetty
dineshshetty / frida-workaround-ios12
Last active July 30, 2023 22:44
Whenever I try using Frida from the official repo https://build.frida.re I kept getting the following errors after which my device panics and restarts:
default 15:46:47.251624 +0530 kernel AMFI: '/private/var/tmp/frida-D8kjW6.dylib' has no CMS blob?
default 15:46:47.251817 +0530 kernel AMFI: '/private/var/tmp/frida-D8kjW6.dylib': Unrecoverable CT signature issue, bailing out.
Looks like codesigning/entitlements issue. Here are the steps I followed to get Frida Running on a jailbroken iOS 12 device
Downloads Latest version of Frida from https://github.com/frida/frida/releases. In my case it was frida-server-12.4.0-ios-arm64.xz.
xz -d frida-server-12.4.0-ios-arm64.xz
scp frida-server-12.4.0-ios-arm64 root@<ios-device-ip>:/usr/bin/frida-server
@mdawaffe
mdawaffe / diff-changed-lines.sh
Last active October 4, 2023 08:38
Get line numbers of changed lines - git, diff - Full of bashisms
#!/bin/bash
# Call like you would `diff`
# `./diff-changed-lines.sh old new`
# Outputs the lines numbers of the new file
# that are not present in the old file.
# That is, outputs line numbers for new lines and changed lines
# and does not output line numbers deleted or unchanged lines.
@cballenar
cballenar / lemp-provision.sh
Last active February 2, 2023 04:42
LEMP Provisioning script based on Laravel Forge. Generated on 2020-04-26.
# LEMP Provisioning Script
# - Script generated by Laravel Forge on 20200426
# - Built for Ubuntu 18.04LTS, PHP7.2, MySQL5.7
# Variables
#-------------------------------------------------------------------------------
my_hostname="" # mydomain
my_username="" # myuser
my_root_pw="" # ****************
my_sshkey="" # ssh-rsa AAAA...
@ox1111
ox1111 / pinning.js
Created May 12, 2020 09:04
// start with:
// frida -U -l pinning.js -f [APP_ID] --no-pause
Java.perform(function () {
console.log('')
console.log('===')
console.log('* Injecting hooks into common certificate pinning methods *')
console.log('===')
var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager');