Jordan Borean jborean93
jborean93
/ AuthenticodeEncoding.Tests.ps1
Last active
December 6, 2024 06:23
Pester tests for checking out how the PowerShell Authenticode SIP determines the file encoding for the signature
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Requires -RunAsAdministrator | |
| #Requires -Version 7.4 | |
| using namespace System.IO | |
| using namespace System.Formats.Asn1 | |
| using namespace System.Globalization | |
| using namespace System.Security.Cryptography | |
| using namespace System.Security.Cryptography.Pkcs | |
| using namespace System.Security.Cryptography.X509Certificates | |
| using namespace System.Text |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| This must be run in Windows PowerShell (5.1). This will not work in PowerShell 7.x | |
| as Add-Type cannot generate an output executable. | |
| #> | |
| Add-Type -OutputType ConsoleApplication -OutputAssembly kill.exe -TypeDefinition @' | |
| using System; | |
| using System.ComponentModel; | |
| using System.Runtime.InteropServices; |
jborean93
/ Appx-Server2025.ps1
Created
November 10, 2024 21:40
Fix Appx in PSRemoting for Server 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Server 2025 fails to run Get-AppxPackage and other DISM module commands in | |
| # a PSRemoting (psrp) session as it has a dependency on some dll's not present | |
| # in the GAC and only in the powershell.exe directory. As PSRP runs through | |
| # wsmprovhost.exe, it fails to find those dlls. This hack will manually load | |
| # the 4 required dlls into the GAC. This is a hack and should be removed in the | |
| # future if MS fix their bug on 2025. | |
| Add-Type -AssemblyName "System.EnterpriseServices" | |
| $publish = [System.EnterpriseServices.Internal.Publish]::new() |
jborean93
/ Get-ValidatedScriptBlock.ps1
Last active
December 4, 2024 15:39
WDAC Investigations for Ansible
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Get-ValidatedScriptBlock { | |
| [OutputType([ScriptBlock])] | |
| param ( | |
| [Parameter(Mandatory)] | |
| [string] | |
| $Name, | |
| [Parameter(Mandatory)] | |
| [string] | |
| $ScriptAsBase64 |
jborean93
/ New-ScheduledTaskSession.ps1
Last active
September 4, 2025 08:50
Creates a PSSession that targets a scheduled task process
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function New-ScheduledTaskSession { | |
| <# | |
| .SYNOPSIS | |
| Creates a PSSession for a process running as a scheduled task. | |
| .DESCRIPTION | |
| Creates a PSSession that can be used to run code inside a scheduled task |
jborean93
/ Invoke-AsScheduledJob.ps1
Created
August 23, 2024 04:39
Invokes a PowerShell script as a scheduled task changing the logon type to a BATCH logon.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Invoke-AsScheduledJob { | |
| <# | |
| .SYNOPSIS | |
| Runs a scriptblock as a scheduled job. | |
| .DESCRIPTION | |
| This is a helper function to run PowerShell code as a scheduled task. |
jborean93
/ smb_list_shares.py
Last active
September 28, 2025 11:00
List SMB shares using smbprotocol library
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # /// script | |
| # dependencies = [ | |
| # "bcrypt", | |
| # "cryptography >= 43.0.0", | |
| # "pyyaml", | |
| # ] | |
| # /// |
jborean93
/ Split-ExeArgument.ps1
Last active
August 19, 2024 19:40
Splits the input string using the Win32 argument splitter
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| #Requires -Module Ctypes | |
| Function Split-ExeArgument { | |
| [OutputType([string])] | |
| [CmdletBinding()] | |
| param ( | |
| [Parameter(Mandatory, ValueFromPipeline)] |
jborean93
/ libvirt-network-dns.py
Created
June 3, 2024 00:34
Script that can automatically configure DNS domain resolvers for systemd-resolved on QEMU network adapters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import os.path | |
| import subprocess | |
| import sys | |
| import xml.etree.ElementTree as ET | |
| def main(): | |
| iface = sys.argv[1] | |
| hook_case = sys.argv[2] |