It's a fast Go-based scanner for Linux, Windows, and macOS that applies Sigma rules and outputs the matches as JSON.
git clone https://github.com/SigmaHQ/sigma.git
cd sigma
| <# | |
| .SYNOPSIS | |
| Scans the Kerberos encryption configuration of an Active Directory domain and its principals. | |
| .DESCRIPTION | |
| Scans the Kerberos encryption configuration of an Active Directory domain and its principals. | |
| It will generate all data via LDAP, and analyze the results for possible authentication issues. | |
| It supports three ways to report: | |
| - Print: Write analysis of results to screen |
| :: This script will migrate all of the IIS Applications and Configuration from the local server to the destination server. | |
| :: This script needs to be run from the source server that has the IIS configuration that you want to migrate. | |
| :: MsDeploy will often generate a lot of output, so it's best to remote desktop onto the server that you want to migrate, | |
| :: rather than running this command via PowerShell Remoting, as it will take a very long time to pipe the output back to | |
| :: your local machine. | |
| :: The server you are syncing to must also have Web Deploy installed on it. You can download it from: | |
| :: http://www.microsoft.com/en-ca/download/details.aspx?id=43717 | |
| :: Be sure to do the "Complete" installation, not just the "Typical" so that the Web Deployment Agent Service gets installed. |
| function Get-ServiceAccess { | |
| <# | |
| .SYNOPSIS | |
| Returns windows service security information from registry | |
| .DESCRIPTION | |
| Returns windows service security information from registry. | |
| This allows finding services that have been hidden from SCM through a deny rule. | |
| Triggered by this thread on Twitter: |
| if (-not ('TokenInformation.ProcessNativeMethods' -as [type])){ | |
| $TypeDef = @' | |
| using System; | |
| using System.Runtime.InteropServices; | |
| namespace TokenInformation { | |
| [Flags] | |
| public enum ProcessAccess { | |
| All = 0x001FFFFF, | |
| Terminate = 0x00000001, | |
| CreateThread = 0x00000002, |
| # Login to https://connect.garmin.com/ & Navigate to 'Health Stats > Weight > 1 Year' | |
| # at the top there is an export, that'll get you the csv. | |
| # but the csv is in a poor format, with the date on the row above the data - this will reformat it for you | |
| $weight = import-csv 'C:\Users\JessPomfret\Downloads\Weight.csv' | |
| $counter = 0 | |
| $final = $weight.foreach{ | |
| if ( ($counter % 2) -eq 0) { |
| function WithRetry { | |
| param ( | |
| [Parameter(Mandatory = $true, ValueFromPipeline = $true)] | |
| [ValidateNotNull()] | |
| [ScriptBlock] $Command, | |
| [Parameter(Mandatory = $false)] | |
| [int]$RetryCount = 3 | |
| ) | |
| Write-Host "Retry Injection Scope" |