@ekmixon
ekmixon / XProtect.yara
Created May 10, 2021 21:25 — forked from pedramamini/XProtect.yara
Apple OSX built-in file defense is powered by YARA: /System/Library/CoreServices/XProtect.bundle/Contents/Resources
import "hash"
private rule Macho
{
meta:
description = "private rule to match Mach-O binaries"
condition:
uint32(0) == 0xfeedface or uint32(0) == 0xcefaedfe or uint32(0) == 0xfeedfacf or uint32(0) == 0xcffaedfe or uint32(0) == 0xcafebabe or uint32(0) == 0xbebafeca
}
@ekmixon
ekmixon / tmux-cheatsheet.markdown
Created August 25, 2021 16:35 — forked from MohamedAlaa/tmux-cheatsheet.markdown
tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@ekmixon
ekmixon / gbc.py
Created September 14, 2021 17:38 — forked from balazsbotond/gbc.py
Git Branch Cleanup - Asks if you want to delete local git branches that don't exist on any remote
#!/usr/bin/env python
import re
import os
import sys
from subprocess import check_output, check_call, call, STDOUT
BLUE = '\033[94m'
GRAY = '\033[90m'
ENDC = '\033[0m'
Function Get-LocalAdmins {
<#
.SYNOPSIS
Gets the members of the local administrators of the computer
and outputs the result to a CSV file.
.PARAMETER Computers
Specifies the Computer names of devices to query
.INPUTS
System.String. Get-LocalAdmins can accept a string value to
determine the Computers parameter.
@ekmixon
ekmixon / ExchangeSVCmof.ps1
Created October 4, 2021 18:06 — forked from signalwarrant/ExchangeSVCmof.ps1
ExchangeSVCmof.ps1
# Your Configuration
Configuration ExchangeService {
# Parameters
# Accepts a string value computername or defaults to localhost
Param([string[]]$ComputerName = "localhost")
# Target Node
Node $ComputerName {
@ekmixon
ekmixon / CreatePullServer.ps1
Created October 4, 2021 18:06 — forked from signalwarrant/CreatePullServer.ps1
CreatePullServer.ps1
# Step 1 Install xPSDesiredStateConfiguration
Install-Module -Name xPSDesiredStateConfiguration
# Step 2
# Create the Pull Server.
Configuration CreatePullServer {
param (
[string[]]$ComputerName = 'localhost'
)
@ekmixon
ekmixon / DSCResources.ps1
Created October 4, 2021 18:06 — forked from signalwarrant/DSCResources.ps1
DSCResources.ps1
# NoGo
Get-Command -Module xPSDesiredStateConfiguration
# NoGo
xService | Get-Member
# Shows all DSC Resources currently installed in PS ModulePath
# Access PSModulepath
# cd env:
# dir | Where-Object Name -eq PSModulePath
@ekmixon
ekmixon / HashTables.ps1
Created October 4, 2021 18:06 — forked from signalwarrant/HashTables.ps1
HashTables.ps1
# Example No Hash table or Calculated Properties
Get-WmiObject -Class WIN32_volume -ComputerName localhost -Filter 'drivetype = 3' |
Select-Object -Property PScomputerName,
DriveLetter,
Label,
FreeSpace
# Example using a Hash table
Get-WmiObject -Class WIN32_volume -ComputerName localhost -Filter 'drivetype = 3' |
Select-Object -Property PScomputerName,
@ekmixon
ekmixon / Sort-Select.ps1
Created October 4, 2021 18:06 — forked from signalwarrant/Sort-Select.ps1
Sort-Select.ps1
# Selecting
#Default
Get-Process
# All Properties
Get-Process | Select-Object -Property * | Out-GridView
# Sorting
# Changes the default sorting order for Get-Process
Get-Process | Sort-Object CPU
@ekmixon
ekmixon / Filter-Left.ps1
Created October 4, 2021 18:07 — forked from signalwarrant/Filter-Left.ps1
Filter-Left.ps1
#1
Get-Service | Where-object { $_.Status -eq 'Running' -and $_.name -like 's*'}
#2
Get-Service -name s*| Where-object { $_.Status -eq 'Running'}
#1
Measure-Command -Expression {Get-Service | Where-object { $_.Status -eq 'Running' -and $_.name -like 's*'}}
#2
Measure-Command -Expression {Get-Service -name s*| Where-object { $_.Status -eq 'Running'}}