Skip to content

Instantly share code, notes, and snippets.

View technion's full-sized avatar

Joshua Small technion

85 followers · 1 following
View GitHub Profile
@technion
technion / Hyper-V VM Use Report.ps1
Created July 14, 2020 03:43
Report on whole VM cluster in csv format
$nodelist = Get-Clusternode -Cluster cls
$vmdata = @()
foreach ($node in $nodelist) {
$vmList = Get-VM -ComputerName $node.Name | where { $_.name -notlike '*_replica' }
foreach ($vm in $vmList) {
$UtilSummaryObj = New-Object System.Object
@technion
technion / User duplicate provisioning.ps1
Last active June 29, 2020 05:00
Set-StrictMode -Version 2
Add-Type -AssemblyName 'System.Web'
$adusers = Get-ADGroupMember "Team"
foreach ($user in $adusers) {
$newname = "$($user.Samaccountname).delegate"
$password = [System.Web.Security.Membership]::GeneratePassword(12, 0)
$secPw = ConvertTo-SecureString -String $password -AsPlainText -Force
@technion
technion / AzureGroups.ps1
Created April 30, 2020 05:47
Adds all AzureAD users with a certain license to a group
$skus = Get-AzureADSubscribedSku
# Exchange Online E1
$skue1 = ( $skus | where { $_.skupartnumber -eq 'EXCHANGESTANDARD' } ).SkuID
$members = Get-AzureADUser -All $true
foreach($member in $members) {
if ($member.ImmutableId -eq $null) {
# Cloud user - skip
@technion
technion / Check-CVE-2020-0688.ps1
Created April 7, 2020 07:00
Scan Exchange server for CVE-2020-0688 vulnerability
Set-Strictmode -Version 2
$path = Get-WebApplication ecp
$ecppath = $path | where { $_.PhysicalPath -match 'Client' }
$found = Select-String validationKey -Path "$($ecppath.PhysicalPath)\web.config"
if ($found) {
Write-host "Server is vulnerable" -ForegroundColor Yellow
} else {
write-host "Server is not vulnerable"
}
@technion
technion / dlimportexport.ps1
Created January 14, 2020 00:36
# Export
$allGroups = Get-DistributionGroup | select Name, primarysmtpaddress
$exportlist = @()
foreach($group in $allGroups) {
$obj = New-Object -TypeName psobject
$obj | Add-Member -MemberType NoteProperty -Name Name -Value $group.Name
$obj | Add-Member -MemberType NoteProperty -Name Email -Value $group.PrimarySMTPAddress
@technion
technion / otxhashget.ps1
Created July 26, 2019 06:24
Alien Vault OTX file hash IOC download Powershell
# Script to create current IOC hash file from Alien Vault Open Threat Exchange
$apikey = "KEY"
$feedurl = "https://otx.alienvault.com/api/v1/pulses/subscribed/?limit=10&page=1"
Start-Transcript -Path E:\custom-hash-iocs.txt
function fetchOTX($url) {
$indicators = Invoke-RestMethod -Uri $url -Headers @{"X-OTX-API-KEY"="$apikey"}
foreach($ioc in $indicators.results.indicators) {
if ($ioc.type -like "FileHash-*") {
@technion
technion / phishget.rb
Last active August 3, 2022 09:11
See https://lolware.net/2019/05/12/abusing-safebrowse.html for information
#!/usr/bin/env ruby
require 'httparty'
FILELIST = [
'/dropbox.zip',
'/robots.txt', # Not from the original list - this serves as a sanity check as it usually exists
'/css/business-frontpage.css',
'/newphase.zip',
'/Doc.zip',
'/wp-content.zip',
@technion
technion / assertions.c
Created April 27, 2019 07:36
Assertion testing
$ cat assertion.c
#include <stdio.h>
#include <assert.h>
int main()
{
int i = 7;
assert(i > 10);
printf("Just printing something\n");
return 0;
@technion
technion / vlanconvert.rb
Created March 28, 2019 05:19
#!/usr/bin/env ruby
INTEST = '5 10 20 50-60 70-73 75-79 80 95'.freeze
OUTTEST = '5 10 20 50 51 52 53 54 55 56 57 58 59 60 70 71 72 73 75 76 77 78 79 80 95'.freeze
def rangeconvert(r)
start, finish = r.scan(/\d+/)
raise "Invalid input" unless start < finish
(start..finish).to_a.join(' ')
end
@technion
technion / godaddy tracking.js
Created January 13, 2019 04:21
! function(a, b) {
var c = function(a) {
function b(a) {
return c() + "-" + d() + "-" + e() + "-" + f() + "-" + g(a)
}
function c() {
var a = new Date,
b = Math.round(a.getTime() / 1e3); //to seconds rounded
b = parseInt(b.toString().slice(1)), //remove leading precision .. todo: substring