Skip to content

Instantly share code, notes, and snippets.

View justintime's full-sized avatar

Justin Ellison justintime

22 followers · 3 following
View GitHub Profile
@justintime
justintime / hibp-audit.md
Created June 20, 2019 21:15

HIBP Audit - Audit AD user accounts against HIBP

This powershell script uses the sorted hash available from HaveIBeenPwned combined with the PowerShell module DSInterals to provide a very fast and effective way to audit your users' account passwords against those found in prior public breaches.

The use case is to use this script as part of your routine audits. As companies begin to follow NIST's recommendations to relax restrictions and rotation requirements on passwords, it's important to make sure that you test your user's passwords to ensure they haven't been breached. This tool aims to automate a big chunk of that work. Everything else I could find dealt with using copies of NTDIS.DIT, which is unwieldy, hard to automate, and increases your attack surface.

Performance

Because DSInternals is able to use the sorted hash file from HIBP, it can do binary searches and ends up being blazingly fast. I'm able to audit 2,200 AD users against the ~20GB HIBPv4 hash

@justintime
justintime / rule1.haskell
Last active January 3, 2024 18:04
Tasmota Watchdog
Rule1
ON system#boot do Var1 3 ENDON
ON system#boot do Var2 0 ENDON
ON Var1#State>1439 DO Var1 1439 ENDON
ON Time#Minute|%var1% DO backlog WebQuery http:/www.google.com/ GET ENDON
ON WebQuery#Data$!Done DO backlog Add2 1 ENDON
ON Var2#state >= 2 DO backlog Mult1 2; Power1 0; Delay 10; Power1 1; Var2 0 ENDON
ON WebQuery#Data=Done DO Var1 3; Var2 0 ENDON
@justintime
justintime / leak-detector-notifier.yaml
Last active July 7, 2022 18:27 — forked from bbbenji/leak-detector-notifier.yaml
blueprint:
name: Leak detection & notifier
description: Send a notification when any configured moisture sensor becomes moist
domain: automation
input:
notify_device:
name: Notify device
description: "The device where the notification should be sent to."
selector:
device:
@justintime
justintime / README-TiVo-debloat.md
Last active January 3, 2025 00:40
TiVo Stream 4K Debloat + Setup Script

TiVo Stream 4K de-bloat and setup

Purpose

This will take a stock TS4K and debloat it of all the TiVo stuff that slows it down. It will also disable the Google Launcher in favor of Projectivy Launcher. Please don't use this if you don't know exactly what you're doing, I offer no support.

Taken mostly from this forum post

If you wish to disable automatic remote programming (you don't, it's awesome), please see this guide

Setup