| #Source Blog Post | |
| https://medium.com/chronicle-blog/winnti-more-than-just-windows-and-gates-e4f03436031a | |
| --- | |
| #Yara Rules | |
| --- | |
| rule WinntiLinux_Dropper : azazel_fork | |
| { | |
| meta: | |
| desc = "Detection of Linux variant of Winnti" |
We did it! We broke gist.github.com ;) So head over to the new home! Thank you all!
2021.10.20: https://github.com/AveYo/MediaCreationTool.bat now open for interaction
Not just an Universal MediaCreationTool wrapper script with ingenious support for business editions,
A powerful yet simple windows 10 / 11 deployment automation tool as well!
| #!/bin/bash | |
| # Cloudflare as Dynamic DNS | |
| # From: https://letswp.io/cloudflare-as-dynamic-dns-raspberry-pi/ | |
| # Based on: https://gist.github.com/benkulbertis/fff10759c2391b6618dd/ | |
| # Original non-RPi article: https://phillymesh.net/2016/02/23/setting-up-dynamic-dns-for-your-registered-domain-through-cloudflare/ | |
| # Update these with real values | |
| auth_email="email@example.com" | |
| auth_key="global_api_key_goes_here" | |
| zone_name="example.com" |
| function Create-AesManagedObject($key, $IV) { | |
| $aesManaged = New-Object "System.Security.Cryptography.AesManaged" | |
| $aesManaged.Mode = [System.Security.Cryptography.CipherMode]::CBC | |
| $aesManaged.Padding = [System.Security.Cryptography.PaddingMode]::Zeros | |
| $aesManaged.BlockSize = 128 | |
| $aesManaged.KeySize = 256 | |
| if ($IV) { | |
| if ($IV.getType().Name -eq "String") { | |
| $aesManaged.IV = [System.Convert]::FromBase64String($IV) | |
| } |
| function Add-WindowsDefenderExclusionsPolicy | |
| { | |
| $ErrorActionPreference="Stop" | |
| Set-StrictMode -Version Latest | |
| #Get Hyper-V Settings | |
| $vmHost = Get-VMHost | |
| #Default Exclusion Entries | |
| $excludes = @{ |