Skip to content

Instantly share code, notes, and snippets.

View tommytri's full-sized avatar
🎯
be stronger

Tommy Tri tommytri

🎯
be stronger
  • Hanoi, Vietnam
View GitHub Profile
@tommytri
tommytri / AccessChk.bat
Created July 7, 2025 11:26 — forked from api0cradle/AccessChk.bat
AppLocker hardening
accesschk -w -s -u Users "C:\Program Files" >> programfiles.txt
accesschk -w -s -u Everyone "C:\Program Files" >> programfiles.txt
accesschk -w -s -u "Authenticated Users" "C:\Program Files" >> programfiles.txt
accesschk -w -s -u Interactive "C:\Program Files" >> programfiles.txt
accesschk -w -s -u "This Organization" "C:\Program Files" >> programfiles.txt
accesschk -w -s -u "Authentication authority asserted identity" "C:\Program Files" >> programfiles.txt
accesschk -w -s -u "Mandatory Label\Medium Mandatory Level" "C:\Program Files" >> programfiles.txt
accesschk -w -s -u %username% "C:\Program Files" >> programfiles.txt
accesschk -w -s -u Users "C:\Program Files (x86)" >> programfilesx86.txt
@tommytri
tommytri / Penetration Testing Report (Temika).md
Created June 26, 2025 15:00
@tommytri
tommytri / ubuntu-server-hardening.md
Created February 8, 2025 02:59 — forked from mirajehossain/ubuntu-server-hardening.md
ubuntu-server-hardening checklist

Ubuntu-Server-Hardening

1. Secure Shared Memory

What is shared memory?

Shared memory is an efficient means of passing data between programs. Because two or more processes can use the same memory space, it has been discovered that, since shared memory is, by default, mounted as read/write, the /run/shm space can be easily exploited. That translates to a weakened state of security.

If you’re unaware, shared memory can be used in an attack against a running service. Because of this, you’ll want to secure that portion of system memory.

@tommytri
tommytri / checkhiddensvc.ps1
Created January 11, 2025 06:49 — forked from joswr1ght/checkhiddensvc.ps1
Identify Hidden Windows Services
Compare-Object -ReferenceObject (Get-Service | Select-Object -ExpandProperty Name | % { $_ -replace "_[0-9a-f]{2,8}$" } ) -DifferenceObject (gci -path hklm:\system\currentcontrolset\services | % { $_.Name -Replace "HKEY_LOCAL_MACHINE\\","HKLM:\" } | ? { Get-ItemProperty -Path "$_" -name objectname -erroraction 'ignore' } | % { $_.substring(40) }) -PassThru | ?{$_.sideIndicator -eq "=>"}
@tommytri
tommytri / newsletter.md
Created November 13, 2024 02:17 — forked from unixsysadmin/newsletter.md
Sysadmin and DevOps Newsletters

DevOps

  • DevOpsish - DevOps’ish is a weekly newsletter assembled by open source contributor, DevOps veteran, and CNCF Ambassador Chris Short.

  • DevOpsLinks - DevOpsLinks is a community of aspiring DevOps professionals and practicioners from all over the world.

  • DevOps Weekly - weekly devops news from Gareth Rushgrove.

  • WebOps Weekly - A weekly newsletter on Web operations, infrastructure, performance, the backend, and tooling, from the browser down to the metal.