Matthew M. heyseus1
heyseus1
/ encryption-policy.ps1
Created
July 12, 2019 18:16
Enforce TLS 1.1+ and disable ssl and tls 1.0
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function disable-ssl-2.0 | |
| { | |
| New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server' -Force | |
| New-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server' -name 'Enabled' -value '0' –PropertyType 'DWORD' | |
| New-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client' -name 'Enabled' -value '0' –PropertyType 'DWORD' | |
| New-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client' -name 'DisabledByDefault' -value '1' –PropertyType 'DWORD' | |
| Write-Host 'Disabling SSLv2' | |
| } | |
| function disable-ssl-3.0 | |
| { |
heyseus1
/ Okta-add-user-to-group.py
Last active
November 22, 2019 23:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import csv | |
| import os | |
| # in order to run this script you will need an environmental variable set in your bash_profile called OKTA_AUTH that equals an Okta API Key. | |
| # Specify your Group ID (you can get this id by running the curl command below) | |
| # curl -v -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: 'API KEY GOES HERE'" "https://{domain-here}.okta.com/api/v1/groups?limit=200" | |
| # might want to install jq on your terminal to format the JSON |
heyseus1
/ Okta-delete-users-from-group.py
Created
November 22, 2019 23:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import csv | |
| import os | |
| # in order to run this script you will need an environmental variable set in your bash_profile called OKTA_AUTH that equals an Okta API Key. | |
| # Specify your Group ID (you can get this id by running the curl command below) | |
| # curl -v -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: 'API KEY GOES HERE'" "https://{domain-here}.okta.com/api/v1/groups?limit=200" | |
| # might want to install jq on your terminal to format the JSON |
heyseus1
/ google-group-list-users.py
Created
November 22, 2019 23:59
pulls a list of users from a google distro list
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import print_function | |
| import pickle | |
| import os.path | |
| from googleapiclient.discovery import build | |
| from google_auth_oauthlib.flow import InstalledAppFlow | |
| from google.auth.transport.requests import Request | |
| import requests | |
| import sys | |
heyseus1
/ universal-forwarder.ps1
Last active
November 23, 2019 00:18
MSI installer script for Splunk universal forwarder
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### set deployment host & network path of file | |
| $msbuild = “\\some-network-path\splunkforwarder-7.3.2-c60db69f8e32-x64-release.msi” | |
| $deployment_host = “hostname-example.com:8089" | |
| $arguments = @( | |
| “/i $msbuild” | |
| “DEPLOYMENT_SERVER=$deployment_host” | |
| “WINEVENTLOG_SEC_ENABLE=1” | |
| “AGREETOLICENSE=yes” |
heyseus1
/ wavefront_user_list.py
Created
July 14, 2021 01:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import requests | |
| import os | |
| import json | |
| import pandas as pd | |
| client_id = os.environ['WAVEFRONT_APIKEY'] | |
| class Events(): |
heyseus1
/ get-all-okta-users.py
Created
July 14, 2021 01:16
requires Okta OIDC and refresh token with proper scopes. skips deactivated and suspended users
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import requests | |
| import csv | |
| import os | |
| import json | |
| import pandas as pd | |
| scope = "okta.users.read okta.groups.read okta.groups.manage okta.users.manage okta.logs.read okta.events.read okta.trustedOrigins.manage okta.trustedOrigins.read" | |
| client_id = os.environ['OKTA_CLIENT_ID'] |
OlderNewer