mongo
use admin
db.getUsers()
exit
aguy aguytech
aguytech
/ tsurugi-conf.sh
Last active
June 21, 2022 22:24
[tsurugi] modifications tsurugi vm #forensic #disk #memory #network
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #### system | |
| sudo swapoff -av | |
| sudo sh -c 'echo vm.swappiness=5 > /etc/sysctl.d/99-swappiness.conf' | |
| #### volatility | |
| # https://github.com/volatilityfoundation/volatility/wiki/Installation |
aguytech
/ xxd-install.sh
Last active
June 14, 2022 09:51
[xxd] help for xxd #bash #help #malware #forensic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| sudo apt install bsdmainutils |
https://opensource.com/article/18/3/creating-bash-completion-script
an array variable used to store the completions. The completion mechanism uses this variable to display its contents as completions
COMPREPLY=( $(compgen -W "now tomorrow never" -- ${COMP_WORDS[COMP_CWORD]}) ) # propose given words at each let choose the first completion from given words and repeat it after (replace)
COMPREPLY=( $(compgen -W "now tomorrow never" "${COMP_WORDS[1]}") ) # let choose the first completion from given words and repeat it after (replace)
aguytech
/ forensic-disk-info.md
Last active
June 18, 2022 22:37
[forensic-disk] forensic tips for disk analysis #bash #malware #forensic #tips #disk
aguytech
/ cmp-options.md
Last active
June 14, 2022 10:06
[cmp] Compares binary files #bash #help #forensic #malware
-b, --print-bytes # print differing bytes
-i, --ignore-initial=SKIP # skip first SKIP bytes of both inputs
-i, --ignore-initial=SKIP1:SKIP2 # skip first SKIP1 bytes of FILE1 and first SKIP2 bytes of FILE2
-l, --verbose # output byte numbers and differing byte values
-n, --bytes=LIMIT # compare at most LIMIT bytes
-s, --quiet, --silent # suppress all normal output
aguytech
/ hive-disable-security-center.reg
Last active
June 14, 2022 10:07
[hive] Windows hive analysis #bash #disk #forensic #help #hive #tips #windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService] | |
| "Start"=dword:00000004 | |
| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc] | |
| "Start"=dword:00000004 | |
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] | |
| "DisableAntiSpyware"=dword:00000001 |
aguytech
/ reglookup-install.md
Last active
June 14, 2022 10:08
[reglookup] Hive analysis #bash #help #forensic #disk #hive
aguytech
/ regripper-install.md
Last active
June 14, 2022 10:09
[regripper] Hive analysis #bash #help #forensic #disk #hive
See foralyse
aguytech
/ sqlite3-windows-notification.md
Last active
June 14, 2022 10:05
[sqlite3] sqlite to analyse windows notification #bash #malware #forensic #tips
NewerOlder