asheroto

TacticalRMM One-Line Agent Deployer

Creates a one-line command to download and install a TacticalRMM agent. It works by creating a script and converting it into a base64 command. It then copies the command to your clipboard, so you can paste it / save it as needed.

It also adds a temporary exclusion in Windows Defender to ensure the agent installs without any false positives. The exclusion is removed after the agent download is deleted.

Example

Disable Hyperlinks for Specific Sender Domain in Outlok

This is an Outlook macro that will disable hyperlinks for a specific sender domain. The example disables hyperlinks for e-mails from ebay.com, but of course you can change it to anything you'd like.

Instructions

Open Outlook
Enable macros
Press Alt+F11
In ThisOutlookSession copy and paste the following:

Private Sub Application_ItemLoad(ByVal Item As Object)

Sort-Custom

Sort/alphabetize a custom PowerShell object by property name such as when using a command line Get-Host.

Example

Before:

PS C:\> Get-Host

Name : ConsoleHost

Windows 10/11 Setup Answer File + TPM Bypass + CPU requirement + storage requirement + Internet requirement bypass + disable BitLocker automatic encryption

This is a Windows setup answer file working on Windows 10 and 11.

What it does:

Skips OOBE (EULA, networking) and pretty much everything else during normal setup
Sets Keyboard + Language to English (US)
Set timezone to Central Standard Time
Creates user "User" with password of "password"

	function ExtractIPaddressesAndCount {
	[CmdletBinding()]
	param(
	[Parameter(Position = 0, mandatory = $true)]
	[string] $InputFile,
	[Parameter(Position = 1, mandatory = $true)]
	[string] $OutputFile
	)

	If (-Not(Test-Path -Path $InputFile -PathType Leaf)) {

	# Custom Protocol
	#
	# Description:
	# Creates a new custom protocol in Windows
	#
	# Note:
	# Be sure to change the variables before running!
	#
	# Author: asheroto
	# Author GitHub: https://github.com/asheroto

-Clear-Host;
-# Begin
-Write-Output "⏲️⏲️⏲️ Starting ⏲️⏲️⏲️"
-Write-Output ("-" * 50)
-Write-Output ""
-# System PATH
-Write-Output "🖥️ Checking System PATH 🖥️"
-$TempMachinePath = [System.Environment]::GetEnvironmentVariable("Path", "Machine");

	Windows Registry Editor Version 5.00

	[HKEY_CLASSES_ROOT\SystemFileAssociations\.ps1]

	[HKEY_CLASSES_ROOT\SystemFileAssociations\.ps1\Shell]

	[HKEY_CLASSES_ROOT\SystemFileAssociations\.ps1\Shell\Edit]
	"NoSmartScreen"=""

	[HKEY_CLASSES_ROOT\SystemFileAssociations\.ps1\Shell\Edit\Command]

	#Requires -RunAsAdministrator

	# Get Dell Service Tag
	# If empty or serial number is greater than 7 characters, exit script
	$serial = (get-wmiobject win32_systemenclosure \| select serialnumber).serialnumber
	if ($serial.length -eq 0 -or $serial.length -gt 7) { Write-Output "Service tag not detected! Failed rename."; exit; }
	Write-Output "Dell Service Tag: $serial"
	Write-Output ""

	# Rename

	$result = Get-WinEvent -FilterHashTable @{LogName="Microsoft-Windows-Sysmon/Operational"; StartTime=(get-date).AddHours(-1); EndTime=(Get-Date); ID=1}\| ?{$_.Message -match "Invoke-Command" }
	if($result.Count -gt 0) {
	# PUT YOUR SCRIPT ACTION HERE WHEN DETECTED IN THE LAST HOUR
	}