$awsec2instances = aws ec2 describe-instances
mbrownnycnyc
mbrownnycnyc
/ modify-attackjson.ps1
Last active
January 12, 2023 00:22
modify an att&ck navigator json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $orcacomplianceframework = @" | |
| Collection - Automated Collection - T1119 | |
| Collection - Data from Cloud Storage - T1530 | |
| Collection - Data from Information Repositories - T1213 | |
| Collection - Data Staged - T1074 | |
| Collection - Email Collection - T1114 | |
| Credential Access - Brute Force - T1110 | |
| Credential Access - Forge Web Credentials - T1606 | |
| Credential Access - Modify Authentication Process - T1556 | |
| Credential Access - Multi-Factor Authentication Request Generation - T1621 |
mbrownnycnyc
/ cdscn800c_x64.inf
Created
February 11, 2014 17:29
windows 64-bit driver file for cardscan hardware before dymo bought them (800c, 700c, 600c, etc) software. compatible with cardscan software version 8+ on windows 7, windows 8, etc. Copy the file to c:\Program Files (x86)\CardScan\CardScan\System\Drivers, and use device installation wizard to select the directory for Unknown Device.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; CDSCN800C.INF -- CardScan 800c Setup File | |
| ; Copyright (c) 2005 CardScan, Inc. | |
| ; Manufacturer: CardScan, Inc. | |
| [Version] | |
| Signature="$CHICAGO$" | |
| Provider=%CardScan% | |
| Class=Image | |
| ClassGuid={6bdd1fc6-810f-11d0-bec7-08002be2092f} | |
| Catalogfile=cdscn800c.cat |
mbrownnycnyc
/ foreach-concurrentdict.ps1
Last active
December 21, 2022 14:17
Thread safe disctionary and using -parallel switch with foreach in powershell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # summary of code covered here: https://isc.sans.edu/diary/Port%20Scanning%20in%20Powershell%20Redux%3A%20Speeding%20Up%20the%20Results%20%28challenge%20accepted!%29/29324 | |
| $gkeclusters = [System.Collections.Concurrent.ConcurrentDictionary[string,object]]::new() | |
| $gcpprojects.projectId | % -ThrottleLimit 10 -Parallel { | |
| write-host "checking $($_)" | |
| $dict = $using:gkeclusters | |
| $dict.TryAdd($(gcloud container clusters list --project $_ --format json), $_) | out-null | |
| } |
mbrownnycnyc
/ aws_cli_ref.md
Last active
September 27, 2022 19:06
aws cli reference and whoops... i'm learning `jq`.. but not really because it doesn't work well with powershell :D
mbrownnycnyc
/ gitlab-search.py
Last active
September 26, 2022 17:23
gitlab code searcher based on https://github.com/tuimm/gitlab-search, but added enum for all branches and regex string matches. need to add multithreading and dumping data to disk upon receipt.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import gitlab | |
| import re | |
| def search(gitlab_server, token, file_filter, regextofind, group=None, project_filter=None): | |
| return_value = [] | |
| gl = gitlab.Gitlab(gitlab_server, private_token=token) | |
| if (project_filter == '') and (group == ''): | |
| projects = gl.projects.list(all=True) | |
| else: | |
| group_object = gl.groups.get(group) |
mbrownnycnyc
/ get-xfcvssdata.ps1
Last active
September 16, 2022 19:46
gather interesting cvss data from x-force
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $cvelist = "CVE-2022-32868","CVE-2022-32886","CVE-2022-32912","CVE-2022-32891","CVE-2022-32854","CVE-2022-32911","CVE-2022-32864","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32795","CVE-2022-32868","CVE-2022-32872","CVE-2022-32886","CVE-2022-32902","CVE-2022-32896","CVE-2022-32911","CVE-2022-32864","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32900","CVE-2022-32902","CVE-2022-32854","CVE-2022-32896","CVE-2022-32911","CVE-2022-32864","CVE-2022-32894","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32900","CVE-2022-32854","CVE-2022-32911","CVE-2022-32864","CVE-2022-32917","CVE-2022-32883","CVE-2022-32908","CVE-2022-32795","CVE-2022-32868","CVE-2022-32872","CVE-2022-32886","CVE-2022-32912","CVE-2022-32893" | |
| $baseurl = "https://api.xforce.ibmcloud.com/" | |
| $apikey = "xxxx" | |
| $apipass = "yyyy" | |
| $encodeme = $apikey+":"+$apipass | |
| $access_token = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($encodeme)) | |
| $headers = @{"Authorization"= "Basic $access_token"; |
mbrownnycnyc
/ parse_awscli_json_output.ps1
Last active
September 14, 2022 17:41
deal with json for filtering in powershell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # parse elbv2 | |
| $targetjson = get-content "elbv2-listener-allowing-cleartext.json" | ConvertFrom-Json | |
| $interestingdata = @() | |
| foreach ($item in $targetjson) { | |
| $tempobj = "" | select dnsname, arn, vpcid, tags, listener_80_defaultaction_type, sg_tags, sg_used_by | |
| $tempobj.dnsname = $item.DNSName | |
| $tempobj.arn = $item.arn | |
| $tempobj.vpcid = $item.VpcId |
mbrownnycnyc
/ install_nuclei_on_kali.md
Last active
July 31, 2022 01:05
nuclei install on kali (for log4j stuff).. this is in draft as of 12/17/2021
-
stand up a domain. In this case, I'll use digiarch.net since I own this and use it for nothing.
-
stand up an ami linux server. Configure the SG to allow the following inbound (letsencrypt also uses the DNS):
- tcp 25: SMTP
- udp 53: DNS
- tcp 80: HTTP
- tcp 443: HTTPS
mbrownnycnyc
/ worksheet.ps1
Last active
June 23, 2022 19:52
script used to assist in building a risk scoring spreadsheet for AD prived groups and users (adjust baseline risk of each group)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/appendix-b--privileged-accounts-and-groups-in-active-directory | |
| $userrights_readable = "Access Credential Manager as a trusted caller","Access this computer from the network","Act as part of the operating system","Add workstations to domain","Adjust memory quotas for a process","Allow log on locally","Allow log on through Remote Desktop Services","Back up files and directories","Bypass traverse checking","Change the system time","Change the time zone","Create a pagefile","Create a token object","Create global objects","Create permanent shared objects","Create symbolic links","Debug programs","Deny access to this computer from the network","Deny log on as a batch job","Deny log on as a service","Deny log on locally","Deny log on through Terminal Services","Enable computer and user accounts to be trusted for delegation","Force shutdown from a remote system","Generate security audits","Impersonate a client after authenti |
mbrownnycnyc
/ kali_wsl_2.md
Last active
June 14, 2022 02:02
a working Kali in WSL. Why? Kali in vmware player took three times as long to complete a `-p- -A -sC` nmap scan of vulnversity on tryhackme. I'm hoping this WSL 2 is faster. If it isn't, then I will try WSL 1, and if that fails, then I will just build a box on Digital Ocean.
- see requirements: https://docs.microsoft.com/en-us/windows/wsl/install-win10#step-2---update-to-wsl-2
- WSL1 vs. WSL2: https://docs.microsoft.com/en-us/windows/wsl/compare-versions
- see old write up: https://www.kali.org/news/kali-linux-in-the-windows-app-store/
- run in powershell as admin:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
wsl --set-default-version 1
- search the windows store for kali and install, or: