Skip to content

Instantly share code, notes, and snippets.

View jaredcatkinson's full-sized avatar

Jared Atkinson jaredcatkinson

427 followers · 1 following
View GitHub Profile
@jaredcatkinson
jaredcatkinson / ContextualEditDistance.ps1
Last active February 24, 2024 15:15
This Gist is meant to be associated with a twitter thread describing a new approach to selecting the optimal set of variations given a finite set of tests. Make sure each of the associated scripts are loaded into you PowerShell session.
function ContextualEditDistance
{
<#
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.600.3601&rep=rep1&type=pdf
https://github.com/chrislit/abydos/blob/344346a5fceb6acc631b3d24e16b73a303cece2c/abydos/distance/_higuera_mico.py
#>
[CmdletBinding()]
param(
[string]
@jaredcatkinson
jaredcatkinson / kerberoasting-abstraction-map.yaml
Last active February 24, 2024 15:15
---
title: T1208 - Kerberoasting
description:
header :
name : T1208 - Kerberoasting
colspan : 5
background-color : #DCDCDC
rows:
- Row1 :
name : Tools
@jaredcatkinson
jaredcatkinson / Collect-SOData.ps1
Last active February 24, 2024 15:16
function Collect-SOData
{
param
(
[Parameter(Mandatory = $true)]
[string]
$FilePath
)
$hostname = $env:COMPUTERNAME
@jaredcatkinson
jaredcatkinson / Get-CurrentProcessIntegrityLevel.ps1
Last active February 24, 2024 15:16
Add-Type -AssemblyName System.ServiceModel
$BF = [Reflection.BindingFlags]::NonPublic -bor [Reflection.BindingFlags]::Static
$C1 = [ServiceModel.PeerNode].Assembly.GetType('System.ServiceModel.Channels.AppContainerInfo')
$C2 = [ServiceModel.PeerNode].Assembly.GetType('System.ServiceModel.Activation.Utility')
$M1 = $C1.GetMethod('GetCurrentProcessToken', $BF)
$M2 = $C2.GetMethod('GetTokenInformation', $BF)
$hT = $M1.Invoke($null, @())
$b = New-Object -TypeName byte[](28)
$M2.Invoke($null, @($hT, 25, [byte[]]$b))
$IL = [Security.Principal.SecurityIdentifier]::new($b, 16).Value
@jaredcatkinson
jaredcatkinson / profile.ps1
Created April 30, 2018 16:50
Update-TypeData -TypeName Object -MemberType ScriptMethod -MemberName SizeOf -Value {
param()
if($this -is [type]) {
$SizeOf = [System.Runtime.InteropServices.Marshal].GetMethod('SizeOf',[type[]]@([type]))
}
else {
$SizeOf = [System.Runtime.InteropServices.Marshal].GetMethod('SizeOf',[type[]]@([Object]))
}
return $SizeOf.Invoke($null,@($this.psobject.BaseObject))
@jaredcatkinson
jaredcatkinson / ConvertFrom-EpochTime.ps1
Created April 5, 2018 17:05
function ConvertFrom-EpochTime
{
param
(
[Parameter(Mandatory = $true)]
[Double]
$EpochTime
)
$epochstart = Get-Date -Date 1/1/1970
@jaredcatkinson
jaredcatkinson / Add-ACECertificate.ps1
Last active February 24, 2024 15:17
PowerShell script to query the ACE Certificate Authority (CA) for the CA's public key and add the public key to the system's local cert store
function Add-ACERootCertificate
{
param
(
[Parameter(Mandatory = $true)]
[string]
$ServerIp,
[Parameter()]
[Int32]
@jaredcatkinson
jaredcatkinson / Get-SOHostData.ps1
Last active February 24, 2024 15:17
function Get-SOHostData
{
begin
{
try
{
Get-System
}
catch
{
@jaredcatkinson
jaredcatkinson / Get-RegistryValue.ps1
Created January 23, 2018 14:30
function Get-RegistryValue
{
[CmdletBinding(DefaultParameterSetName = 'HKLM')]
param
(
[Parameter(Mandatory = $true, ValueFromPipeline = $true)]
[string[]]
$Key,
[Parameter()]
@jaredcatkinson
jaredcatkinson / Get-Hash.ps1
Last active March 15, 2024 17:05
PowerShell v2 port of the Get-FileHash function. This version of Get-Hash supports hashing files and strings.
function Get-Hash
{
<#
.SYNOPSIS
Get-Hash is a PowerShell Version 2 port of Get-FileHash that supports hashing files, as well as, strings.
.PARAMETER InputObject
This is the actual item used to calculate the hash. This value will support [Byte[]] or [System.IO.Stream] objects.