mbrownnycnyc
mbrownnycnyc
/ renamegroupsin-ou.ps1
Created
December 19, 2018 20:56
rename all groups in an OU, replacing a specific string
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function renamegroupsin-ou{ | |
| [cmdletbinding()] | |
| param ( | |
| $targetou, | |
| $findpattern, | |
| $replacepattern | |
| ) | |
| $groups = get-adobject -searchbase $targetou -ldapfilter “objectClass=group” -properties samaccountname, cn |
mbrownnycnyc
/ processnessuscsvdatetimeto-utctimedate.ps1
Last active
December 12, 2018 14:48
Process Nessus CSVs' date fields to UTC (and output in a format that a "layman" user can leverage Pivot Tables and a Timeline Slicer).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #date conversions for CSVs with proprietary date formats as a field | |
| $filein = "c:\CSV - Oracle and MSSQL DB.csv" | |
| $fileout = "C:\CSV - Oracle and MSSQL DB_datesutc.csv" | |
| $csvinput = import-csv $filein | |
| foreach ($item in $csvinput) { | |
| foreach ($property in $item.psobject.properties) { |
mbrownnycnyc
/ nessus_report_template_json_codec.py
Created
December 10, 2018 18:17
I did not write this. This is a python script that will take a Nessus report template XML and decode as a JSON formatted file. You can then manipulate the JSON, and then re-encode to a Nessus report template XML.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| [Description] | |
| Converts Nessus report definition to JSON or from JSON to Nessus report definition | |
| - Can also perform a fetch of a segment containing a key + value pair | |
| i.e. Fetching a segment with a key of 'componentType' and a value of 'matrix' | |
| [Parameters] |
mbrownnycnyc
/ disable_android_notification_info.txt
Last active
April 13, 2023 13:06
Disabling heads up notifications on android per app. Requires root access. This will simply hide: "sim card is not from verizon wireless"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #you can do the below if you have root. | |
| # if you don't have root, you can uninstall the Samsung Setup Wizard. Not sure if this is at all valuable, as you can configure APNs manually worst case. Best case, it has no affect on OTA activations (which I truly don't think it does): | |
| # adb shell | |
| # pm uninstall -k --user 0 com.sec.android.app.setupwizard | |
| # cycle airplane mode and you'll see you don't get the notification. | |
| "sim card is not from verizon wireless" |
mbrownnycnyc
/ get-riskrecastreport.ps1
Last active
December 6, 2018 20:27
Creating a report on new risk recasts and risk acceptances historically, and within the last N days.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://docs.tenable.com/sccv/api/Recast-Risk-Rule.html | |
| function ignore-certificatevalidation { | |
| #ignore SSL/TLS cert errors: | |
| if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type) { | |
| $certCallback = @" | |
| using System; | |
| using System.Net; | |
| using System.Net.Security; | |
| using System.Security.Cryptography.X509Certificates; |
mbrownnycnyc
/ recast-scplugin.ps1
Last active
December 5, 2018 20:30
Using SecurityCenter API to create a recast rule. This is useful if you don't have a vuln for a plugin, but want to create a recast rule.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Powershell example: | |
| #https://goo.gl/aaPQQ6 | |
| #https://docs.tenable.com/sccv/api/Recast-Risk-Rule.html | |
| #https://community.tenable.com/s/question/0D5f200004rM0A0CAK/automating-download-of-scan-results-from-security-center | |
| # see main function at bottom. | |
| function ignore-certificatevalidation { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #grab a cert from a server | |
| openssl s_client -connect www.google.com:443 2>/dev/null </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | |
| #grab the entire cert chain | |
| openssl s_client -host servicenowdev.idbny.com -port 443 -prexit -showcerts | |
| #S/MIME: | |
| #Extract private key from pkcs12, and convert from pem to der | |
| openssl pkcs12 -in smime_matt.p12 -nocerts -out priv_smime_matt.pem | |
| openssl rsa -inform pem -outform der -text -in priv_smime_matt.pem -out priv_smime_matt.der |
mbrownnycnyc
/ get-iisipdisclosure.ps1
Last active
November 20, 2018 17:07
check a CIDR block for IIS servers IP disclosure http://foofus.net/?p=758
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function test-tcpport { | |
| [CmdletBinding()] | |
| param ( | |
| [int]$port = 80, | |
| [string]$ip = "127.0.0.1" | |
| ) | |
| try { | |
| $socket = new-object System.Net.Sockets.TcpClient | |
| $timespan = [TimeSpan]::FromMilliseconds(500) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function test-tcpport { | |
| param ( | |
| [int]$port = 80, | |
| [string]$ip = "127.0.0.1" | |
| ) | |
| try { | |
| $socket = new-object System.Net.Sockets.TcpClient | |
| $timespan = [TimeSpan]::FromMilliseconds(500) | |
mbrownnycnyc
/ convertnmapxmlto-csv.ps1
Last active
October 19, 2018 14:47
nmap XML to CSV converter that I did not write!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # I did not write this. | |
| # This allows for a quick view over nmap results via Excel, etc. | |
| # tested with -sV and -A result XMLs, processing the --script results somewhat | |
| function convertnmapxmlto-csv { | |
| [CmdletBinding()] | |
| param ( | |
| [string]$csvOutput, | |
| [object[]]$xmlFiles |