Joseph H josephH00
mvelazc0
/ attack_range.yml
Created
March 23, 2023 15:14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| general: | |
| cloud_provider: aws | |
| attack_range_password: AW^@#^%&^#@## | |
| use_prebuilt_images_with_packer: '0' | |
| key_name: yourkey-001423 | |
| ip_whitelist: 8.8.8.8 #your public ip address | |
| attack_range_name: test-range | |
| aws: | |
| private_key_path: /Users/your/key-001423.key | |
| region: us-west-2 |
infosecn1nja
/ ASR Rules Bypass.vba
Last active
May 19, 2025 01:21
ASR rules bypass creating child processes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ' ASR rules bypass creating child processes | |
| ' https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction | |
| ' https://www.darkoperator.com/blog/2017/11/11/windows-defender-exploit-guard-asr-rules-for-office | |
| ' https://www.darkoperator.com/blog/2017/11/6/windows-defender-exploit-guard-asr-vbscriptjs-rule | |
| Sub ASR_blocked() | |
| Dim WSHShell As Object | |
| Set WSHShell = CreateObject("Wscript.Shell") | |
| WSHShell.Run "cmd.exe" | |
| End Sub |
mikepruett3
/ shell-setup.ps1
Last active
May 23, 2025 15:26
Packages to install via scoop, winget, choco, and other tools...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Script to Initialize my custom powershell setup. | |
| .DESCRIPTION | |
| Script uses scoop | |
| .NOTES | |
| **NOTE** Will configure the Execution Policy for the "CurrentUser" to Unrestricted. | |
| Author: Mike Pruett | |
| Date: October 18th, 2018 |
infosecn1nja
/ WMI-Persistence.ps1
Created
May 14, 2018 15:12
Fileless WMI Persistence (PSEDWMIEvent_SU - SystemUptime)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fileless WMI Persistence (PSEDWMIEvent_SU - SystemUptime) | |
| # https://wikileaks.org/ciav7p1/cms/page_14587908.html | |
| <# | |
| .SYNOPSIS | |
| This script creates a persisted WMI event that executes a command upon trigger of the system's uptime being between a given range in seconds. The event will trigger only once. | |
| #> | |
| $EventFilterName = "Fileless WMI Persistence SystemUptime" |
cprovatas
/ gist:6acef442fc43123bcd5d5e937dc7951a
Created
January 6, 2018 21:57
Monitor Mouse Event for any arbitrary application on macOS in Swift
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| let callback: CGEventTapCallBack = { (tapProxy, eventType, event, refcon) -> Unmanaged<CGEvent>? in | |
| debugPrint("we are monitoring the mouse event here") | |
| return nil | |
| } | |
| let eventMask = (1 << CGEventType.leftMouseDown.rawValue) | (1 << CGEventType.leftMouseUp.rawValue) | |
| let machPort = CGEvent.tapCreateForPid(pid: 40529, place: .tailAppendEventTap, options: .defaultTap, eventsOfInterest: CGEventMask(eventMask), callback: callback, userInfo: nil)! | |
| let runLoopSource = CFMachPortCreateRunLoopSource(kCFAllocatorDefault, machPort, 0) |
alirobe
/ reclaimWindows10.ps1
Last active
May 24, 2025 14:53
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| ### | |
| ### UPDATE: For Win 11, I recommend using this tool in place of this script: | |
| ### https://christitus.com/windows-tool/ | |
| ### https://github.com/ChrisTitusTech/winutil | |
| ### https://www.youtube.com/watch?v=6UQZ5oQg8XA | |
| ### iwr -useb https://christitus.com/win | iex | |
| ### | |
| ### OR take a look at | |
| ### https://github.com/HotCakeX/Harden-Windows-Security |