Skip to content

Instantly share code, notes, and snippets.

View maravedi's full-sized avatar
🏒
Slappin' shots

maravedi

🏒
Slappin' shots
View GitHub Profile
@maravedi
maravedi / azure_policy_tag_resources.json
Created October 5, 2023 14:27
Azure Policy - Apply Tag to Resource Groups matching string pattern and optionally any resources inside that Resource Group
View azure_policy_tag_resources.json
# Azure Policy: Tagging Based on Resource Group Name
# Objective:
# This policy aims to enforce tagging conventions based on the name of the resource group. If a resource group (or its contained resources) matches a specified naming pattern, a designated tag with a corresponding value will be applied.
#
# Parameters:
# tagName: The name of the tag you want to apply.
# tagValue: The value associated with the aforementioned tag.
# rgNamePattern: A naming pattern that resource groups should match. For instance, if you want to target resource groups that start with "azurebatch", you'd use "azurebatch*".
# applyToResources: A boolean parameter that dictates whether the tagging should be applied only to the resource group itself or also to the resources contained within the matching resource group.
#
@maravedi
maravedi / gist:69be8973beb0de9b732ecfed508cb015
Created September 14, 2023 13:37
VScode Find and Replace Terraform Plan Output Grossness
View gist:69be8973beb0de9b732ecfed508cb015
// The idea behind this is that you can do a terraform plan -out test.tfplan and then take the output that's printed
// and copy/paste it into your code, then use these commands to clean it up so it's usable code.
// In newer versions of Terraform you can do a terraform plan -generate-config to do this a different way, so check that out too.
// Uses this exctension: https://marketplace.visualstudio.com/items?itemName=ArturoDent.find-and-transform&ssr=false#overview
"findInCurrentFile": {
"replaceHyphenPrefix": {
"title": "Replace Terraform Plan output hyphen prefix...", // will appear in the Command Palette
"find": "^(\\s+)- ",
"replace": "$1",
"isRegex": true,
@maravedi
maravedi / New-AESKey.ps1
Last active September 12, 2023 17:15
Create an AES Key with PowerShell
View New-AESKey.ps1
Function New-AesKey {
Param(
[Int]$KeySize = 256,
[Switch]$AsString
)
$aesManaged = New-Object "System.Security.Cryptography.AesManaged"
$aesManaged.KeySize = $KeySize
$aesManaged.GenerateKey()
If($AsString) {
Return [System.Convert]::ToBase64String($aesManaged.Key)
@maravedi
maravedi / create_azure_vpn_client_cert.sh
Last active December 14, 2022 04:50
Create an Azure VPN Client Cert and Private Key Pair and Output an OpenVPN Config File
View create_azure_vpn_client_cert.sh
#!/bin/bash
# File: create_azure_vpn_client_cert.sh
# Author: David Frazer
# Date: 12/13/2022
# NOTE: This script expects a CA root cert and CA root key to exist at the following paths:
# "${ORGNAME}_cacert.pem"
# "${ORGNAME}_cakey.pem"
# OPTIONAL: Set this to 1 to create a PFX for the user
@maravedi
maravedi / Get-WLANProfileCategories.ps1
Created April 14, 2022 14:09
PowerShell one-liner to show Windows network profile categories for saved wireless connections
View Get-WLANProfileCategories.ps1
Get-ChildItem 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles' | Select -Property * | %{ $Key = $_.PSChildName; $Name = $_.Name -Replace "HKEY_LOCAL_MACHINE","HKLM:"; $Category_Num = Get-ItemPropertyValue "$Name" -Name Category; If($Category_Num -eq 0){ $Category='Public' } ElseIf($Category_Num -eq 1){ $Category='Private' } ElseIf($Category_Num -eq 2){$Category = 'Domain'}; $ProfileName = Get-ItemPropertyValue "$Name" -Name ProfileName; ""|Select @{N='ProfileName';E={$ProfileName}},@{N="ProfileCategory";E={$Category} }} | Sort ProfileCategory
@maravedi
maravedi / domaincontrollersvulnerable_to_cve-2021-1675.sql
Created June 30, 2021 20:57
CVE-2021-1675 osquery Script for Domain Controllers
View domaincontrollersvulnerable_to_cve-2021-1675.sql
SELECT CASE cnt
WHEN 2 THEN "TRUE"
ELSE "FALSE"
END "Vulnerable"
FROM
(SELECT name,
start_type,
COUNT(name) AS cnt
FROM services
WHERE name = 'NTDS' or (name = 'Spooler' and start_type <> 'DISABLED'))
@maravedi
maravedi / gist:a7769d10f11e6090f7866db8d6039c6b
Created May 17, 2021 16:52
Ansible Variable File to CSV
View gist:a7769d10f11e6090f7866db8d6039c6b
Get-Content .\main.yml | Where-Object { $_ -and ($_ -notmatch "^\s*(\-|#)" )} | Foreach-Object { ($_ -Split ": ") -Join ','} | ConvertFrom-CSV -Header Name, DefaultVaue | ConvertTo-CSV
View CreateSelfSignedCodeSigningCert.ps1
$Cert = New-SelfSignedCertificate -DnsName "maravedi.github.io" -CertStoreLocation Cert:\CurrentUser\My -Type CodeSigningCert -Subject "Code Signing Certificate"
$TempFilePath = "exported_cert.cer"
Export-Certificate -FilePath $TempFilePath -Cert $Cert
$CertFromFile = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($TempFilePath)
$RootStore = Get-Item cert:\LocalMachine\Root
$RootStore.Open("ReadWrite")
$RootStore.Add($CertFromFile)
$RootStore.Close()
Remove-Item $TempFilePath -Confirm:$False
@maravedi
maravedi / Get-Employee.ps1
Created April 5, 2020 02:03
PowerShell function to get specific details for an AD user
View Get-Employee.ps1
function Get-Employee {
param(
[String]$Username,
[String]$ProxyAddressesFilter
)
If($Username) {
Get-ADUser -Identity $Username -Properties Department, Title, Manager, Office, LockedOut, officePhone, telephoneNumber
} Else {
Get-ADUser -Filter "proxyAddresses -like `"*$($ProxyAddressesFilter)*`"" -Properties Department, Title, Manager, Office, LockedOut, officePhone, telephoneNumber
@maravedi
maravedi / sqlite-output.nse
Last active February 27, 2020 01:02
Nmap Sqlite Output Script with cpe and OS
View sqlite-output.nse
description = [[
This script stores the following nmap output into a sqlite3 database: Hostname, IP, port number, protocol (tcp/udp), service, version, cpe, and OS (if it can be determined)
Both, database file name and table name can be passed to the script via arguments (see @args or @example), data will always be appended to an existing table. Non-existant database files or table
s are created during the scan. Nmap's regular output (-o) will not be modified in any way.
Dependencies: luasql (http://keplerproject.org/luasql)
For Debian-based distributions:
sudo apt-get install lua-sql-sqlite3