Find the culprit that prevents ejection of Flash Drives or any other unit.
wevtutil qe System /q:"*[System[(EventID=225)]]" /c:5 /f:text /rd:true
Romel Vera RomelSan
RomelSan
/ Eject USB Units.md
Last active
September 8, 2023 05:50
Find the culprit that prevents ejection of Flash Drives or any other unit.
- Terminal --> Features --> Disable Application Keypad mode
- Terminal --> Keyboard --> The Function keys and keypad --> Linux
- Connection --> Data --> set terminal-type string to
linux - Window -> Appearance set check for "Allow selection of variable pitch fonts"
- Window -> Colours set check for "Selected text is a different colour"
- Use font
Cascadia Code PLincluded with "Windows Terminal" app or download from github
File to install:CascadiaCodePL.ttf
https://github.com/microsoft/cascadia-code - If you are using oh my zsh then you can use the fonts from
nerdfonts.com
RomelSan
/ Set up Powerline in PowerShell.md
Last active
March 18, 2025 11:31
Set up Powerline in PowerShell
Install Windows Terminal: https://github.com/microsoft/terminal/releases
Install Git for Windows: https://git-scm.com/downloads
Install Cascadia Code PL Font: https://github.com/microsoft/cascadia-code/releases
- Oh-My-Posh provides theme capabilities for your PowerShell prompt.
- Posh-Git adds Git status information to your prompt as well as tab-completion for Git
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Magic of Math in Language | |
| # v2.0 by @RomelSan (August 20, 2020) | |
| #Functions | |
| def sum_digits(n): | |
| # Sum numbers until it is 1 digit | |
| if n > 0: | |
| s = (n-1) // 9 | |
| return n-9*s | |
| return 0 |
RomelSan
/ Powershell-Incident-CheatSheet.ps1
Created
August 20, 2020 19:04
Incident Response: Windows Cheatsheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Incident Response: Windows Cheatsheet | |
| # Commands for CMD / Powershell / GUI | |
| # Check user accounts | |
| lusrmgr.msc | |
| # See the user accounts for the system and the type of account it is | |
| net user | |
| Get-LocalUser | |
| # Check Administrators | |
| net localgroup administrators |
RomelSan
/ ListPrivilegedServices.ps1
Last active
September 8, 2023 05:59
List privileged services that don't come with Windows 10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # List privileged services that don't come with Windows 10 | |
| # Exclusion List for Win10 built in | |
| $exclusion = @('AppVClient', 'ClickToRunSvc', 'COMSysApp', 'diagnosticshub.standardcollector.service', | |
| 'msiserver', 'ose', 'perceptionsimulation', 'SecurityHealthService', 'Sense', | |
| 'SensorDataService', 'SgrmBroker', 'Spooler', 'ssh-agent', 'TieringEngineService', | |
| 'TrustedInstaller', 'UevAgentService', 'vds', 'VSS', 'wbengine', 'WinDefend', 'wmiApSrv', | |
| 'WSearch', 'SamSs') | |
| # Get Service List with LocalSystem and Startmode Auto and does not contain svchost.exe (Also exclude the ones from the list) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Minimum size of USB stick 6GB | |
| # Set here the path of your ISO file | |
| $iso = 'C:\Users\localuser\Downloads\en_win10.iso' | |
| # Clean ! will clear any plugged-in USB stick!! | |
| Get-Disk | Where BusType -eq 'USB' | | |
| Clear-Disk -RemoveData -Confirm:$true -PassThru | |
| # Convert GPT |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Mikrotik Personal Queue Tree based on Priority for devices | |
| # Mark in Mangle (Global Internet, Devices Download, Devices Upload) | |
| /ip firewall mangle | |
| add action=mark-connection chain=prerouting comment="Internet Download" in-interface=ether10-Internet new-connection-mark=Internet_conn passthrough=yes | |
| add action=mark-packet chain=prerouting connection-mark=Internet_conn new-packet-mark=Internet passthrough=no | |
| add action=mark-connection chain=forward comment="Main Camera Download" dst-address=192.168.0.10 new-connection-mark=Camera_Conn_FW packet-mark=Internet passthrough=yes | |
| add action=mark-packet chain=forward connection-mark=Camera_Conn_FW new-packet-mark="Camera_Download" passthrough=no |
RomelSan
/ RouterOS 6 Syntax.xml
Last active
August 18, 2025 21:37
Mikrotik RouterOS Syntax for Notepad++
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <NotepadPlus> | |
| <UserLang name="RouterOS" ext="rsc" udlVersion="2.1"> | |
| <Settings> | |
| <Global caseIgnored="yes" allowFoldOfComments="no" foldCompact="no" forcePureLC="0" decimalSeparator="0" /> | |
| <Prefix Keywords1="no" Keywords2="no" Keywords3="yes" Keywords4="no" Keywords5="no" Keywords6="no" Keywords7="no" Keywords8="no" /> | |
| </Settings> | |
| <KeywordLists> | |
| <Keywords name="Comments">00# 01 02 03 04</Keywords> | |
| <Keywords name="Numbers, prefix1"></Keywords> | |
| <Keywords name="Numbers, prefix2"></Keywords> |
NewerOlder