Skip to content

Instantly share code, notes, and snippets.

Avatar
🏠
Working from home

Florian Walther scusi

🏠
Working from home
View GitHub Profile
View enableTelemetry.ps1
# powershell script to (re-)enable telemetry in win10
#
# flw@posteo.de
#
# run as admin
if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit }
# Step 1: deactivate DiagTrack service
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\DiagTrack\ -name Start -Value 2
@scusi
scusi / disableTelemetry.ps1
Last active Nov 9, 2019
disable telemetry call home in windows10
View disableTelemetry.ps1
# powershell script to disable telemetry in win10
#
# Source:
# https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Cyber-Sicherheit/SiSyPHus/Analyse_Telemetriekomponente.pdf?__blob=publicationFile&v=3
# run as admin
if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit }
# Step 1: deactivate DiagTrack service
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\DiagTrack\ -name Start -Value 4
@scusi
scusi / xor.go
Last active May 18, 2017
rolling xor implementation in go
View xor.go
package main
import (
"container/ring"
"flag"
"io/ioutil"
"log"
)
var keyFile string
@scusi
scusi / gifExeExtract.go
Created Mar 30, 2017
extract payload exe from downloaded gif as Trojan-Ransom.Win32.Foreign does
View gifExeExtract.go
package main
import (
"bufio"
"bytes"
"container/ring"
"encoding/hex"
"flag"
"fmt"
"io/ioutil"
@scusi
scusi / Parse.go
Created Oct 29, 2014
Paresing FritzBox BPjM Files useing bpjm module in golang
View Parse.go
// tool that uses my bpjm library to load and parse a BPJM File from a FritzBox
package main
import(
"github.com/scusi/bpjm"
"fmt"
"os"
)
func main(){
@scusi
scusi / bpjm.go
Last active Aug 29, 2015
golang module to handle BPjM Lists
View bpjm.go
// go library to scope with the BPjM Censorship list
package Bpjm
import (
"net/url"
"regexp"
"crypto/md5"
"strings"
"bytes"
@scusi
scusi / parseFritzBpjmFile.go
Created Oct 29, 2014
parse FritzBox BPJM Files with go
View parseFritzBpjmFile.go
// parse a FritzBox Bpjm File
package main
import (
"os"
"fmt"
"bytes"
"io"
"io/ioutil"
@scusi
scusi / dns_xor.go
Last active Aug 29, 2015
encode/decode FrameworkPOS Malware DNS exfiltrated data
View dns_xor.go
// domain data encoding/decoding algo for FrameworkPOS Malware DNS-Tunneling Variant,
// as described on:
// https://blog.gdata.de/artikel/neue-variante-von-frameworkpos-schoepft-daten-ueber-dns-anfragen-ab/
//
package main
import(
"fmt"
"os"
@scusi
scusi / ConvertBinaryBpjmData.sh
Last active Aug 29, 2015
convert binary bpjm data from FritzBox routers into text files
View ConvertBinaryBpjmData.sh
#!/bin/sh
#
# USAGE:
# $> ./ConvertBinaryBpjmData.sh bpjm.data
#
RAWFILE=$1
OUTFILE=`strings $RAWFILE | head -n 1`
od -t x1 -An -j 64 $RAWFILE | tr -d '\n ' > $OUTFILE
You can’t perform that action at this time.