Eddie Carswell AfroThundr3007730
🔧
AfroThundr3007730
/ AccountHygiene.ps1
Last active
March 14, 2021 21:12
Script to disable inactive user accounts after a set period and delete disabled accounts after another set period.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Start-Transcript C:\ProgramData\account-hygiene.log -Append | |
| function accountFilter($accountList) { | |
| # Filter out system principals and exempt accounts | |
| return $accountList | Where-Object { | |
| # Don't process these accounts | |
| $_.DistinguishedName -notmatch "OU=Service Accounts" -and | |
| $_.DistinguishedName -notmatch "OU=Admin Accounts" -and | |
| $_.DistinguishedName -notmatch "OU=DA Accounts" -and | |
| $_.DistinguishedName -notmatch "OU=Special" -and |
AfroThundr3007730
/ logrotate-auditd.conf
Created
January 14, 2020 19:51
Config for audit.log rotation using logrotate
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /var/log/audit/audit.log { | |
| weekly | |
| missingok | |
| notifempty | |
| sharedscripts | |
| rotate 5 | |
| maxsize 50M | |
| compress | |
| copytruncate | |
| nodateext |
AfroThundr3007730
/ dev-shm-noexec.service
Last active
January 22, 2022 20:24
Remounts /dev/shm with noexec to satisfy STIG requirements
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/etc/systemd/system/dev-shm-noexec.service | |
| [Unit] | |
| Description=Remounts /dev/shm with noexec to satisfy STIG requirements | |
| DefaultDependencies=false | |
| [Service] | |
| ExecStart=/bin/mount -o remount,nosuid /dev/shm | |
| Type=oneshot |
AfroThundr3007730
/ EnforceSmartcard.ps1
Last active
March 30, 2021 00:28
Script to enforce Smart Card logon for accounts not in an exemption group
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Start-Transcript C:\ProgramData\smartcard-enforcement.log -Append | |
| function accountFilter($accountList) { | |
| # Filter out system principals and exempt accounts | |
| return $accountList | Where-Object { | |
| # These can't use a smart card | |
| $_.DistinguishedName -notmatch "Service Accounts" -and | |
| $_.DistinguishedName -notmatch "Admin Accounts" -and | |
| $_.DistinguishedName -notmatch "DA Accounts" -and | |
| # Builtin and system principals |
AfroThundr3007730
/ wanikani-breeze-dark-fix.user.css
Last active
June 28, 2020 02:41
Fixes for the Wanikani Breeze Dark theme
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* ==UserStyle== | |
| @name Wanikani Breeze Dark (Fixes) | |
| @namespace github.com/AfroThundr3007730 | |
| @version 1.0.3 | |
| @description Fixes for the Wanikani Breeze Dark theme | |
| @author ZeroSinner & Kumirei & AfroThundr | |
| @homepageURL https://gitlab.com/valeth/wanikani-breeze-dark/ | |
| @updateURL https://gist.githubusercontent.com/AfroThundr3007730/6d591a5d2594d7951de92306858a60a7/raw/wanikani-breeze-dark-fix.user.css | |
| @supportURL https://community.wanikani.com/t/16973/ | |
| @license CC-BY-SA-4.0 |
AfroThundr3007730
/ proc_parse.py
Created
June 23, 2019 21:16
Parses process statistics from /proc into JSON for a given PID
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| import os | |
| import sys | |
| import json | |
| def parse_proc(): | |
| values = {} |
AfroThundr3007730
/ socks-create.sh
Created
June 23, 2019 17:48
Create an on-demand SSH-based SOCKS5 proxy via systemd socket activation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # These steps will allow the setup of an on-demand SSH proxy | |
| # Three unit files will be created to serve this purpose: | |
| # ssh-socks-helper.socket - The listening socket providing activation | |
| # ssh-socks-helper.service - A systemd proxy to pass the socket fd | |
| # ssh-socks.service - The actual SSH service providing the tunnel | |
| cat <<'EOF' > ~/.config/systemd/user/ssh-socks-helper.socket | |
| [Unit] | |
| Description=Proxy Helper Socket for Bastion SOCKS5 Proxy |
AfroThundr3007730
/ no-wsj-paywall.user.js
Created
June 7, 2019 20:40
Attempts to show the non-paywalled version of Wall Street Journal articles
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name Remove WSJ Paywall | |
| // @namespace http://tampermonkey.net/ | |
| // @version 0.1 | |
| // @description Attempts to show the non-paywalled version of Wall Street Journal articles | |
| // @author AfroThundr | |
| // @include https://www.wsj.com/articles/* | |
| // @grant none | |
| // @run-at document-start | |
| // ==/UserScript== |
AfroThundr3007730
/ stylish_dump.py
Last active
June 5, 2019 16:30
Recover Stylish styles after webextension migration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Dumps pre-webextension Stylish styles to CSS files | |
| import os | |
| import json | |
| def dump_styles(): | |
| dump_dir = os.path.join(os.getcwd(), 'style_dump') | |
| style_file = os.path.join(os.getcwd(), 'stylish-storage.js') | |
| stylish = json.load(open(style_file, 'r')) |
AfroThundr3007730
/ certbot-ddns-hook.sh
Last active
May 9, 2019 04:51
Certbot hook to update a DDNS zone using nsupdate
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Pre- and post-hook for certbot dns-01 to use DDNS | |
| # Where we put our TSIG for dynamic udpates | |
| TSIG=/etc/letsencrypt/acme.key | |
| # We need the authoritative nameserver | |
| NS="dig +short $(host -v $CERTBOT_DOMAIN | awk '/SOA/ {print $5}' | head -1)" | |
| # The actual challenge record to use |