I hereby claim:
- I am darkoperator on github.
- I am darkoperator (https://keybase.io/darkoperator) on keybase.
- I have a public key whose fingerprint is 15B7 F997 6A55 511C 35AC 09BB 0404 C8BC C764 38E3
To claim this, I am signing this object:
Carlos Perez darkoperator
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Embed a DLL so as to add the library necessary to perform DNS Queries. | |
| $EncodedCompressedFile = @' | |
| xL0HfBzFFT8+t3u3ezpJlk6y91Rs3xkwnLWybFmUc8GWAZseTC8GXGkGfCBBKLbAIZQALhgcijHNYNMhgMH0HgIhhC5AxCSQ3hNCQiiWf+/7pu1JMuT3//w+n79hdbtv+sybN2/ee/Nm/6OuEK4QIk7Pli1CPCrkv3bx7f+W0DMo+/ggsaHstRGPxvZ7bcQhJ57UmTuto3hCx5xTc/PmLFxYPCM397hcx5kLcyctzO1xwMG5U4vzj2uprExtp/KYMU2I/WKuaDvvj/vofH8lnBHlsaQQVztCVEhYy8P0nqOXZx1ZO7w7st5C2F+B1hD81t879NN+kRDV/L/9NT/8750NjjhcyHyvKBugkb9ydBX+7/5R/ZKRzyR97xX5bjnjuLPPoN8df6jahbY6/bKY3dLR2TGP3rluaHuKfq8tjdhO/7d0HHdKcZ7qrl+pvNb2i7db32pWPyzjoG6OSIgnt8TE7A1C6K4YSv0DnJiRk+P9bf/afrBH7vXvvbs83He3rmHZd148ouvUeTuuX/vn9tXrH/NXPDH8pZqGKZN3Gvl4256fbHNC0/3VH6869MV1N8/e8tCEc34/7Sfzrnrwxrpbe04/PplcuumVp098KFPc/8Lph15zUv77Fb/Z944J178xZt8/LTtu8sh7/j706Os/XjbnzmOPez299z1PuBcce87snjn31NeOjQlf1cXJf4/6q0nUjnXEIA0byUC3K0Y40yRESfxFEliaxwSVRxRWYWCegnV86IvTOL+EwS+nYfDgwXkaMC9fTn+aSsLcbwqL9wlzxVCqGv2fDkf1VsTENKDWMfTsS09Iz7P03ETPqfScT0+ank7Cay+VQ617B8VE+JLjLV5ADczkf+AIb3Qu5+iQe0IRxmIdOyXFaR1H0p/OemrfubmYDl/qNrTslhPqs3D |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $s1 = (gwmi -List Win32_ShadowCopy).Create("C:\", "ClientAccessible") | |
| $s2 = gwmi Win32_ShadowCopy | ? { $_.ID -eq $s1.ShadowID } | |
| $d = $s2.DeviceObject + "\" | |
| cmd /c mklink /d C:\scpy "$d" | |
| New-CIPolicy -Level RootCertificate -FilePath C:\BasePolicy.xml -ScanPath C:\scpy -UserPEs | |
| $s2.Delete() | |
| Remove-Item -Path C:\scpy -Force | |
| Set-RuleOption –option 3 –FilePath C:\BasePolicy.xml | |
| ConvertFrom-CIPolicy C:\BasePolicy.xml C:\BasePolicy.bin | |
| Move-Item C:\BasePolicy.bin c:\Windows\System32\CodeIntegrity\SIPolicy.p7b -force |
darkoperator
/ keybase.md
Created
March 4, 2015 01:22
darkoperator
/ posh-sysmoninstall.ps1
Last active
August 4, 2017 19:17
PowerShell Script to Install Posh-Sysmon
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Make sure the module is not loaded | |
| Remove-Module posh-secmod -ErrorAction SilentlyContinue | |
| # Download latest version | |
| $webclient = New-Object System.Net.WebClient | |
| $url = "https://github.com/darkoperator/Posh-Sysmon/archive/master.zip" | |
| Write-Host "Downloading latest version of Posh-Sysmon from $url" -ForegroundColor Cyan | |
| $file = "$($env:TEMP)\Posh-Sysmon.zip" | |
| $webclient.DownloadFile($url,$file) | |
| Write-Host "File saved to $file" -ForegroundColor Green | |
| # Unblock and Decompress |
darkoperator
/ iphelper.cs
Created
March 19, 2014 23:43
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Linq; | |
| using System.Text; | |
| using System.Threading.Tasks; | |
| using System.Management.Automation; | |
| using System.Net; | |
| namespace IPHelper | |
| { |
darkoperator
/ Enable-HardPSRemote.ps1
Created
March 7, 2014 22:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Confirm-IsAdmin | |
| { | |
| (whoami /all | Select-String S-1-16-12288) -ne $null | |
| } | |
| if (Confirm-IsAdmin) | |
| { | |
| Write-Host "Modifying interfaces with public Profile" | |
| $nlm = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}")) |
darkoperator
/ PoshMetasploit.ps1
Created
March 6, 2014 00:27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Make sure the module is not loaded | |
| Remove-Module Posh-Metasploit -ErrorAction SilentlyContinue | |
| # Download latest version | |
| $webclient = New-Object System.Net.WebClient | |
| $url = "https://github.com/darkoperator/Posh-Metasploit/archive/master.zip" | |
| Write-Host "Downloading latest version of Posh-Metasploit from $url" -ForegroundColor Cyan | |
| $file = "$($env:TEMP)\Posh-Metasploit.zip" | |
| $webclient.DownloadFile($url,$file) | |
| Write-Host "File saved to $file" -ForegroundColor Green | |
| # Unblock and Decompress |
darkoperator
/ PoshShodanInstall.ps1
Created
March 5, 2014 22:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Make sure the module is not loaded | |
| Remove-Module Posh-Shodan -ErrorAction SilentlyContinue | |
| # Download latest version | |
| $webclient = New-Object System.Net.WebClient | |
| $url = "https://github.com/darkoperator/Posh-Shodan/archive/master.zip" | |
| Write-Host "Downloading latest version of Posh-Shodan from $url" -ForegroundColor Cyan | |
| $file = "$($env:TEMP)\Posh-Shodan.zip" | |
| $webclient.DownloadFile($url,$file) | |
| Write-Host "File saved to $file" -ForegroundColor Green | |
| # Unblock and Decompress |
darkoperator
/ importshodan
Created
March 4, 2014 15:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Import-ShodanAPIKey | |
| { | |
| [CmdletBinding()] | |
| Param | |
| ( | |
| [Parameter(Mandatory=$true, | |
| ValueFromPipelineByPropertyName=$true, | |
| Position=1)] | |
| [securestring]$MasterPassword |
darkoperator
/ PoshVTInstall.ps1
Last active
January 11, 2020 14:21
Install Script for Posh-VirusTotal
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Make sure the module is not loaded | |
| Remove-Module Posh-VirusTotal -ErrorAction SilentlyContinue | |
| # Download latest version | |
| $webclient = New-Object System.Net.WebClient | |
| $url = "https://github.com/darkoperator/Posh-VirusTotal/archive/master.zip" | |
| Write-Host "Downloading latest version of Posh-VirusTotal from $url" -ForegroundColor Cyan | |
| $file = "$($env:TEMP)\Posh-VirusTotal.zip" | |
| $webclient.DownloadFile($url,$file) | |
| Write-Host "File saved to $file" -ForegroundColor Green | |
| # Unblock and Decompress |