Alexander Knorr opexxx

View content_discovery_nullenc0de.txt
This file has been truncated, but you can view the full file.
/
$$$lang-translate.service.js.aspx
$367-Million-Merger-Blocked.html
$defaultnav
${idfwbonavigation}.xml
$_news.php
$search2
£º
.0
opexxx / MacroDetectSandbox.vbs
Created Sep 22, 2020 — forked from mgeeky/MacroDetectSandbox.vbs
Visual Basic script responsible for detecting Sandbox environments, as presented in modern Trojan Droppers implemented in Macros.
View MacroDetectSandbox.vbs
Private Declare PtrSafe Function isDbgPresent Lib "kernel32" Alias "IsDebuggerPresent" () As Boolean
Public Function IsFileNameNotAsHexes() As Boolean
Dim str As String
Dim hexes As Variant
Dim only_hexes As Boolean
only_hexes = True
hexes = Array("0", "1", "2", "3", "4", "5", "6", "7", _
"8", "9", "a", "b", "c", "d", "e", "f")
opexxx / WMIPersistence.vbs
Created Sep 22, 2020 — forked from mgeeky/WMIPersistence.vbs
Visual Basic Script implementing the WMI Persistence method (as implemented in SEADADDY malware and further documented by Matt Graeber) to make the Macro code schedule malware startup roughly 3 minutes after the system starts up.
View WMIPersistence.vbs
'
' SYNOPSIS:
' WMI Persistence method as originally presented by SEADADDY malware
' (https://github.com/pan-unit42/iocs/blob/master/seaduke/decompiled.py#L887)
' and further documented by Matt Graeber.
'
' The scheduled command will be launched after roughly 3 minutes since system
' gets up. Also, even if the command shall spawn a window - it will not be visible,
' since the command will get invoked by WmiPrvSE.exe that's running in Session 0.
'
opexxx / gdpr3.json
Created May 4, 2020
General Data Protection Regulation
View gdpr3.json
[
{
"P.1": "P.1.1",
"P.1 Privacy Program Management": "P.1 Privacy Program Management",
"Is there collection of, access to, processing of, or retention of any client scoped Data that includes any classification of non-public personal information or personal data of individuals?\n": "Is client scoped Data collected, transmitted, processed, or stored that can be classified as non-public information (NPI), personally identifiable information (PII), or personally identifiable financial information?\n",
"": ""
},
{
"P.1": "P.1.2",
"P.1 Privacy Program Management": "P.2 Privacy Organization and Program Maintenance",
opexxx / gdpr2.json
Created May 4, 2020
General Data Protection Regulation
View gdpr2.json
[
{
"2.5.1": "2.5.2",
"Principles - Principles Relating to Processing of Personal Data": "Principles - Principles Relating to Processing of Personal Data",
"Personal data shall be:\n(a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);\n(b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);\n(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);\n(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard
opexxx / gdpr1.json
Created May 4, 2020
General Data Protection Regulation
View gdpr1.json
[
{
"1.1": "1.2",
"I. Structure and responsibility in the company": "I. Structure and responsibility in the company",
"Is there an awareness in the company that data protection is management responsibility ": "Does your company have a data protection officer?",
"": ""
},
{
"1.1": "2.1",
"I. Structure and responsibility in the company": "II. Overview of processing activities",
View GDPR.json
[
{
"CHAPTER I ": "CHAPTER I ",
"General provisions": "General provisions",
"NA": "NA",
"Article 1 - 1": "Article 1 - 2",
"Subject-matter and objectives ": "Subject-matter and objectives ",
"This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.": "This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data."
},
{
View Cyber_Essentials_Compliance.json
[
{
"1": "1",
"Information Risk Management": "Information Risk Management",
"Objective: Asses the risks to your organisation's information and systems with the same rigour you would for legal, regulatory, financial or operational risks. The risk management regime must be embedded across your organisation, supported by the Board and senior managers": "Objective: Asses the risks to your organisation's information and systems with the same rigour you would for legal, regulatory, financial or operational risks. The risk management regime must be embedded across your organisation, supported by the Board and senior managers",
"1.1": "1.2",
"Boundary of Scope": "Risk Management Policy",
"Have you documented whether the whole or a part of the organisation is subject to certification, the boundary of the part in scope must be clearly defined in terms of the organisation or business unit managing it, the network boundary and physical location.": "Do you have a current Risk Management Policy
View cis.json
[
{
"1": "2",
"Inventory of Authorized and Unauthorized Devices": "Inventory of Authorized and Unauthorized Software",
"Actively manage (inventory, track and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanged devices are found and prevented from gaining access.": "Actively manage (inventory, track and correct) all software on the network so that only authorized software is installed and can execute, and unauthorized and unmanged software is found and prevented from installation or execution.",
"": ""
},
{
"1": "3",
"Inventory of Authorized and Unauthorized Devices": "Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers",
View CIS71.json
[
{
"1": "1",
"Inventory and Control of Hardware Assets": "Inventory and Control of Hardware Assets",
"Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.": "Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.",
"1.1": "1.2",
"Utilize an Active Discovery Tool": "Use a Passive Asset Discovery Tool",
"Utilize an active discovery tool to identify devices connected to the organization's network and update the hardware asset inventory.": "Utilize a passive discovery tool to identify devices connected to the organization's network and automatically update the organization's hardware asset inventory.",
"TBD": "TBD"
},