rc-MikeDevens
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
pmichaudrc
/ Invoke-ChainReaction.ps1
Created
July 13, 2021 13:31
PowerShell script that combines the original Chain Reactions from Atomic Red Team
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-ChainReaction { | |
| <# | |
| .SYNOPSIS | |
| A single script that combines the original Chain Reactions from the Atomic Red Team project | |
| .PARAMETER Reaction | |
| Specifies the ChainReaction to execute. |
ChuckFrey
/ RansomwareExtensions.txt
Last active
May 31, 2024 18:41
Possible file extensions to open with notepad.exe to reduce the risk of ransomware executing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| You can create a GPO to test changing the default behavior of the following extensions to not behave as a script | |
| but rather as a benign text file opened in notepad. | |
| js | |
| wsh | |
| vbs | |
| wsc | |
| sct | |
| jse | |
| wsf |
curi0usJack
/ .htaccess
Last active
July 9, 2024 18:38
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__! | |
| # | |
| # Note this version requires Apache 2.4+ | |
| # | |
| # Save this file into something like /etc/apache2/redirect.rules. | |
| # Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom | |
| # | |
| # Include /etc/apache2/redirect.rules | |
| # |
Cyb3rWard0g
/ StartLogging.xml
Last active
July 6, 2022 23:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Sysmon schemaversion="4.32"> | |
| <!-- Capture all hashes --> | |
| <HashAlgorithms>*</HashAlgorithms> | |
| <DnsLookup>False</DnsLookup> | |
| <ArchiveDirectory>Archive</ArchiveDirectory> | |
| <EventFiltering> | |
| <RuleGroup name="" groupRelation="or"> | |
| <!-- Event ID 1 == Process Creation. Log all newly created processes except --> | |
| <ProcessCreate onmatch="exclude"> | |
| <Image condition="contains">splunk</Image> |