Niels Hofmans hazcod

Hello! I'm a cybersecurity freelancer and an open sourcerer from Belgium.

hazcod / pause-heating-on-window-open.yaml

Created March 1, 2025 09:31

Home Assistant blueprint that pauses your heating when a window opens.

	blueprint:
	name: "Tado: Turn off heating when window is open"
	description: "Disables heating in a specific room when the window is open."
	domain: automation
	input:
	# the window which opens
	window_sensor:
	name: "Window Sensor"
	selector:
	entity:

hazcod / entra-add-fido2-key.ps1

Created November 18, 2024 07:20

PowerShell script to add a FIDO2 security key to an Entra account.

	<#
	.SYNOPSIS
	Register FIDO2 on behalf of another user
	.DESCRIPTION
	This script registers a FIDO2 key on behalf of another user. The script requires the admin to have a FIDO2 key and the user's UPN.
	The script will connect to Microsoft Graph and register the FIDO2 key on behalf of the user.
	The script will also register the FIDO2 key in Entra ID.
	#>

	param (

hazcod / logicapp-canary.json

Created February 10, 2024 22:52

	{
	"definition": {
	"$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
	"actions": {
	"Condition": {
	"actions": {
	"Terminate": {
	"inputs": {
	"runStatus": "Cancelled"
	},

hazcod / ms-sentinel-dcr-template.yml

Created November 29, 2023 10:11

Microsoft Sentinel resource template for creating a Data Collector Rule (DCR) to ingest custom logs into Microsoft Sentinel SIEM.

	{
	"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
	"contentVersion": "1.0.0.0",
	"parameters": {
	"dataCollectionRules_OnePasswordLogs_name": {
	"defaultValue": "OnePasswordLogs",
	"type": "String"
	},
	"dataCollectionEndpoints_1password_externalid": {
	"defaultValue": "/subscriptions/SUBSCRIPTION-ID-HERE/resourceGroups/myresgroup/providers/Microsoft.OperationalInsights/dataCollectionEndpoints/1password",

hazcod / evilginx-o365-phishlet.yml

Last active February 28, 2025 13:16

Working Office365 phishlet for evilginx2.

hazcod / get-intigriti-program-domains.sh

Created April 7, 2022 09:17

Retrieves domains from the Intigriti public program on the public website.

	#!/usr/bin/env bash

	join_by()
	{
	local IFS="$1"
	shift
	echo "$*"
	}

	data=$(curl -s https://www.intigriti.com/programs)

hazcod / CVE-2021-44228.nuclei.yaml

Last active December 18, 2023 06:50

Nuclei template to scan for log4shell (CVE-2021-44228).

hazcod / falcon-autoinstall.sh

Last active October 22, 2023 12:58

	#!/usr/bin/env bash

	CLIENT_ID="_FALCON_API_CLIENT_ID_"
	CLIENT_SECRET="FALCON_API_CLIENT_SECRET_"
	CID="_FALCON_CID_"
	TOKEN="_FALCON_INSTALL_TOKEN"
	API_HOST="api.eu-1.crowdstrike.com"


	function main() {

hazcod / yubi.go

Created August 2, 2021 14:05

YubiKey example

	package main

	import (
	"flag"
	"fmt"
	"github.com/go-piv/piv-go/piv"
	conf "github.com/hazcod/sop/config"
	"github.com/pkg/errors"
	"github.com/sirupsen/logrus"
	"os"

hazcod / CVE-2021-36934.bat

Created July 22, 2021 11:32

CVE-2021-36934 manual mitigation in commandprompt.

	echo > CVE-2021-36934 fixer
	echo See https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934

	echo Deleting current shadow copies...
	vssadmin delete shadows /all /quiet

	echo Fixing privilege issue...
	icacls %windir%\system32\config\. /inheritance:e

	echo Creating brand new shadow copy...