Jordan Borean jborean93
jborean93
/ Split-ExeArgument.ps1
Last active
June 4, 2024 01:24
Splits the input string using the Win32 argument splitter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| #Requires -Module Ctypes | |
| Function Split-ExeArgument { | |
| [OutputType([string])] | |
| [CmdletBinding()] | |
| param ( | |
| [Parameter(Mandatory, ValueFromPipeline)] |
jborean93
/ libvirt-network-dns.py
Created
June 3, 2024 00:34
Script that can automatically configure DNS domain resolvers for systemd-resolved on QEMU network adapters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import os.path | |
| import subprocess | |
| import sys | |
| import xml.etree.ElementTree as ET | |
| def main(): | |
| iface = sys.argv[1] | |
| hook_case = sys.argv[2] |
jborean93
/ Get-FileProcess.ps1
Created
May 30, 2024 23:18
Gets the process ids that has the requested file(s) opened
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| #Requires -Module Ctypes | |
| #Requires -Version 7.3 | |
| Function Get-FileProcess { | |
| <# | |
| .SYNOPSIS | |
| Get the process that has opened the requested file. |
jborean93
/ WinVerifyTrust-Catalog.ps1
Created
May 21, 2024 04:53
Test code to testing WinVerifyTrust with a catalog file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ctypes_struct WINTRUST_DATA { | |
| [int]$cbStruct | |
| [IntPtr]$pPolicyCallbackData | |
| [IntPtr]$pSIPClientData | |
| [int]$dwUIChoice | |
| [int]$fdwRevocationChecks | |
| [int]$dwUnionChoice | |
| [IntPtr]$pCatalog | |
| [int]$dwStateAction | |
| [IntPtr]$hWVTStateData |
jborean93
/ Get-SignedCatalogFile.ps1
Created
May 20, 2024 20:13
Gets the signed catalog file details from the provided paths
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| #Requires -Modules Ctypes | |
| #Requires -Version 7.3 | |
| Function Get-SignedCatalogFile { | |
| <# | |
| .SYNOPSIS | |
| Gets the .cat file for the specified file. |
jborean93
/ rdp-execute.py
Created
March 6, 2024 06:54
POC for running processes over RDP - Very WIP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| """POC for running exe's over RDP | |
| This is a very rough attempt at trying to run an exe using a headless RDP | |
| connection. It aims to be able to provide an interactive console session as | |
| well as a headless one. | |
| Requires aardwolf - https://github.com/skelsec/aardwolf as a Python dependency. |
jborean93
/ ansible-kinit.py
Created
February 23, 2024 00:55
POC for Ansible callback that calls kinit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright (c) 2024 Jordan Borean | |
| # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) | |
| from __future__ import annotations | |
| DOCUMENTATION = """ | |
| name: kinit | |
| type: aggregate | |
| short_description: POC to run kinit on a playbook run. | |
| description: |
jborean93
/ Get-ServiceDacl.ps1
Last active
February 14, 2024 01:51
Get the Service SecurityDescriptor in a human friendly format
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Get-ServiceDacl { | |
| <# | |
| .SYNOPSIS | |
| Gets the service DACL entries. | |
| .DESCRIPTION | |
| Gets all the DACL entries for the service(s) specified. |
jborean93
/ Get-PowerShellAssemblyMetadata.ps1
Created
January 27, 2024 21:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Get-PowerShellAssemblyMetadata { | |
| <# | |
| .SYNOPSIS | |
| Gets the cmdlets and aliases in a dotnet assembly. | |
| .PARAMETER Path | |
| The assembly to inspect. |
jborean93
/ Test-Tls.ps1
Last active
May 20, 2024 19:28
Tests the TLS connection by doing a client hello with the hostname specified
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Test-Tls { | |
| [CmdletBinding()] | |
| param ( | |
| [Parameter(Mandatory)] | |
| [string] | |
| $HostName, |
NewerOlder