Joshua Wright joswr1ght
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| vssadmin delete shadows /All /Quiet | |
| del c:\Windows\SoftwareDistribution\Download\*.* /f /s /q | |
| del %windir%\$NT* /f /s /q /a:h | |
| del c:\Windows\Prefetch\*.* /f /s /q | |
| c:\windows\system32\cleanmgr /sagerun:1 | |
| wevtutil el 1>cleaneventlog.txt | |
| for /f %%x in (cleaneventlog.txt) do wevtutil cl %%x | |
| del cleaneventlog.txt | |
| ipconfig /flushdns | |
| reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /f |
joswr1ght
/ convert-onesafe-to-1password.py
Created
June 14, 2019 19:09
OneSafe to 1Password Conversion
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # 2019-06-14 Joshua Wright, [email protected] | |
| import csv | |
| import sys | |
| OV = '\x1b[0;33m' # verbose | |
| OR = '\x1b[0;36m' # routine | |
| OE = '\x1b[1;31m' # error | |
| OM = '\x1b[0m' # mischief managed | |
| LOGINFILE="1password-login.csv" |
joswr1ght
/ wifiscan.cmd
Created
July 11, 2019 11:32
Wi-Fi Scanning at the Windows Command Prompt, FOR loop style
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FOR /L %N IN () DO @netsh wlan show networks mode=bssid | findstr "^SSID Signal" && ping -n 16 127.0.0.1 >NUL && cls |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Uninstall-WindowsFeature -Name Windows-Defender |
joswr1ght
/ brojsonnormaltime.sh
Created
September 25, 2019 21:47
Export Bro Logs in JSON with ISO8601 timestamps instead of Epoch time
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bro -r $1 -e 'redef LogAscii::use_json=T; redef LogAscii::json_timestamps = JSON::TS_ISO8601;' |
joswr1ght
/ stopresponderattacks.cmd
Created
October 9, 2019 14:26
Disable WPAD and LLMNR on Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" | |
| REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /v "WpadOverride" /t REG_DWORD /d "1" /f | |
| REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" | |
| REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" /v "EnableMulticast" /t REG_DWORD /d "0" /f |
joswr1ght
/ accesslog2csv.py
Created
December 16, 2019 11:45
Convert Apache/Nginx Unified Log Format to CSV
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # accesslog2csv: Convert default, unified access log from Apache, Nginx | |
| # servers to CSV format. | |
| # | |
| # Original source by Maja Kraljic, July 18, 2017 | |
| # Modified by Joshua Wright to parse all elements in the HTTP request as | |
| # different columns, December 16, 2019 | |
| import csv | |
| import re |
joswr1ght
/ disablekibanadatareporting.sh
Created
December 18, 2019 18:14
Disable Kibana Data Reporting/Telemetry from the Command Line with Curl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl --silent -d '{"doc":{"telemetry":{"enabled":false}}}' -H 'content-type: application/json' http://localhost:9200/.kibana/_update/telemetry%3Atelemetry | jq |
joswr1ght
/ groupenumeration.ps1
Created
January 8, 2020 13:08
Create a Collection of Files for Windows Domain Groups with User Members in Each File
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Get-AdGroup -Filter * | % { Get-AdGroupMember $_.Name | Select-Object -ExpandProperty SamAccountName | Out-File -FilePath "$($_.Name).txt" -Encoding ASCII } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $x=""; while($true) { $y=get-clipboard -raw; if ($x -ne $y) { Write-Host $y; $x=$y } } |