jfrantz1-r7’s gists

jfrantz1-r7 / regex

Created February 12, 2019 23:39

	Email - (?:[a-z0-9!#$%&'+/=?^_`{\|}~-]+(?:\.[a-z0-9!#$%&'+/=?^_`{\|}~-]+)\|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]\|\\[\x01-\x09\x0b\x0c\x0e-\x7f])")@(?:(?:[a-z0-9](?:[a-z0-9-][a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-][a-z0-9])?\|\[(?:(?:25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?\|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]\|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])

	SSN - ^(?!(000\|666\|9))\d{3}-(?!00)\d{2}-(?!0000)\d{4}$\|^(?!(000\|666\|9))\d{3}(?!00)\d{2}(?!0000)\d{4}$

	Passport Number - ^(?!^0+$)[a-zA-Z0-9]{3,20}$

	Date of Birth - ^((?:0[0-9])\|(?:[1-2][0-9])\|(?:3[0-1]))/((?:0[1-9])\|(?:1[0-2]))/((?:19\|20)\d{2})$

	Credit Cards - ^(?:4[0-9]{12}(?:[0-9]{3})? # Visa
	\| (?:5[1-5][0-9]{2} # MasterCard

jfrantz1-r7 / sort_fileext.py

Created March 6, 2019 10:53

jfrantz1-r7 / sort_.ps1

Created March 6, 2019 11:02

	function get-destbytype($ext) {
	Switch ($ext)
	{
	{$ext -match '(jpg\|png\|gif)'} { "images" }
	{$ext -match '(txt\|docx)'} { "docs" }
	default {"$ext" }
	}
	}

	ls $dirtyfolder/* \| ? {!$_.PSIsContainer} \| %{

jfrantz1-r7 / gist:9375bdaba7eda35af94deddd351b4cad

Created March 7, 2019 22:00

	$query = @"
	<QueryList>
	<Query Id="0" Path="Microsoft-Windows-PowerShell/Admin">
	<Select Path="Microsoft-Windows-PowerShell/Admin">*[System[(Level=1 or Level=2 or Level=3 or Level=4 or Level=0 or Level=5) and (EventID=4104)]]</Select>
	<Select Path="Microsoft-Windows-PowerShell/Operational">*[System[(Level=1 or Level=2 or Level=3 or Level=4 or Level=0 or Level=5) and (EventID=4104)]]</Select>
	</Query>
	</QueryList>
	"@

	Get-WinEvent -FilterXML $query

jfrantz1-r7 / Site information

Created March 27, 2019 20:36

	SELECT da.NAME AS "Name",
	dssc.scan_template_id AS "Scan Template",
	dse.NAME AS "Scan Engine",
	Count(dsa.asset_id) AS "Asset Count"
	FROM dim_site AS da
	JOIN dim_site_scan_config AS dssc using (site_id)
	JOIN dim_site_asset AS dsa using (site_id)
	JOIN dim_scan_engine AS dse using (scan_engine_id)
	GROUP BY da.NAME,
	dssc.scan_template_id,

jfrantz1-r7 / gist:465b254694880bdb71b4b2b0e99044aa

Created April 4, 2019 17:07

	import requests
	import json

	console = "https://urlforconsolehere/"
	url = "%sapi/3/sites" % console
	headers = {
	'Authorization': "Basic hashhere",
	}

	response = requests.request("GET", url, headers=headers, verify=False)

jfrantz1-r7 / gist:9949bdaf25ab084d161721f4da7d8ab5

Created April 4, 2019 18:52

	from __future__ import with_statement
	from __future__ import absolute_import
	import requests
	import csv
	import datetime
	from time import sleep
	import urllib3
	from io import open

	urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

jfrantz1-r7 / expired_cert.sql

Created April 17, 2019 17:55

	WITH
	cert_expiration_dates AS (
	SELECT DISTINCT asset_id, service_id, name, value
	FROM dim_asset_service_configuration
	WHERE lower(name) LIKE '%ssl.cert.not.valid.after'
	)
	SELECT ip_address, host_name, mac_address, date(ced.value)
	FROM dim_asset
	JOIN cert_expiration_dates AS ced USING (asset_id)
	WHERE CURRENT_TIMESTAMP - cast(ced.value AS DATE) <= INTERVAL '90 days'

jfrantz1-r7 / gist:0ff396889a2520b855f5244571e7ed91

Created April 24, 2019 17:25

	$server = "server.name.here"

	try {
	$svc = Get-WmiObject -List -Class Win32_OperatingSystem -Computer $server `
	-ErrorAction Stop
	} catch {
	"Cannot access WMI on {0}. Error: {1:x}" -f $server, $_.Exception.HResult
	}

jfrantz1-r7 / New and Remediated Vulns with Vuln details.sql

Created April 25, 2019 13:51

	WITH assets_vulns AS (
	SELECT
	fasv.asset_id,
	fasv.vulnerability_id,
	baselineComparison (fasv.scan_id, current_scan) AS baseline,
	s.baseline_scan,
	s.current_scan
	FROM
	fact_asset_scan_vulnerability_instance fasv
	JOIN (

Josh Frantz jfrantz1-r7