This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AV Products or Companies: | |
Avast | |
BitDefender | |
Carbon Black | |
Check Point | |
Cisco | |
ClamAV | |
CrowdStrike | |
Cylance | |
Elastic Endpoint Security |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@Library('ci-jenkins-common') _ | |
// Jenkins build pipeline (declarative) | |
// Project: Seatbelt | |
// URL: https://github.com/GhostPack/Seatbelt | |
// Author: @tifkin_/@harmj0y | |
// Pipeline Author: harmj0y | |
def gitURL = "https://github.com/GhostPack/Seatbelt" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Enable Windows Firewall | |
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True | |
# SMB # require elevated privileges # | |
## Turn on SMB signing and encryption | |
Set-SmbServerConfiguration -RequireSecuritySignature $True -EnableSecuritySignature $True -EncryptData $True -Confirm:$false -Verbose | |
## Turn off the default workstations shares | |
Set-SmbServerConfiguration -AutoShareWorkstation $False -Confirm:$false -Verbose |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#ifndef PATCHLESS_AMSI_H | |
#define PATCHLESS_AMSI_H | |
#include <windows.h> | |
static const int AMSI_RESULT_CLEAN = 0; | |
PVOID g_amsiScanBufferPtr = nullptr; | |
unsigned long long setBits(unsigned long long dw, int lowBit, int bits, unsigned long long newValue) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Requires -RunAsAdministrator | |
<# | |
.SYNOPSIS | |
Script used to manage state of Microsoft Defender's Attack Surface Redution rules. | |
Configures all ASR rules into mode defined in -State parameter. | |
.PARAMETER State | |
Tells how to configure all ASR rules available. Valid options: | |
- Disable (Disable the ASR rule) |
OlderNewer