Skip to content

Instantly share code, notes, and snippets.

View mwollenweber's full-sized avatar

Matthew Wollenweber mwollenweber

51 followers · 85 following
View GitHub Profile
@mwollenweber
mwollenweber / gist:563d78602a1f115778b1ded1754b9f8b
Last active September 3, 2024 04:47
Clean Logs/Caches
#!/bin/bash
# Matthew Wollenweber
# [email protected]
unalias rm
setopt rm_star_silent
qlmanage -r cache
sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV* 'delete from LSQuarantineEvent'
defaults delete ~/Library/Preferences/com.apple.finder GoToField
@mwollenweber
mwollenweber / gist:334f60eeead496468d7de3c0bd1a02c9
Last active August 28, 2024 03:05
nonce
from flask import Flask, request, jsonify
from uuid import uuid4
app = Flask(__name__)
app.secret_key = 'password42' # For session management
# requests come with these parameters from the frontend in `metadata`:
# 1. `user_agent`: the user agent of the client
# 2. `user_id`: a unique ID assigned to each user
# 3. `user_ip`: the user's ip address
@mwollenweber
mwollenweber / gist:9ef0da8f1ff3e7b0e40524f3d58ca18b
Last active December 9, 2023 18:54
Clean OneDrive on MacOS Aggressively
open /Applications/OneDrive.app/Contents/Resources/ResetOneDriveAppStandalone.command
open /Applications/OneDrive.app/Contents/Resources/RemoveOneDriveCreds.command
rm -rf ~/Library/Application\ Support/com.microsoft.OneDrive
rm -rf ~/Library/Application\ Support/OneDrive
rm -rf ~/Library/Caches/com.microsoft.OneDrive
rm -rf ~/Library/Caches/OneDrive
rm -rf ~/Library/Caches/com.microsoft.OneDrive
rm -rf ~/Library/CloudStorage/OneDrive*
rm -rf ~/Library/Containers/com.microsoft.com.OneDrive*
rm -rf ~/OneDrive*
@mwollenweber
mwollenweber / Defender AV Results
Created June 23, 2023 13:30
// Query for Microsoft Defender Antivirus detections.
// Query #1: Query for Antivirus detection events
DeviceEvents
| where ActionType == "AntivirusDetection"
| extend ParsedFields=parse_json(AdditionalFields)
| project ThreatName=tostring(ParsedFields.ThreatName),
WasRemediated=tobool(ParsedFields.WasRemediated),
WasExecutingWhileDetected=tobool(ParsedFields.WasExecutingWhileDetected),
FileName, SHA1, InitiatingProcessFileName, InitiatingProcessCommandLine,
DeviceName, Timestamp
@mwollenweber
mwollenweber / gist:e30d9b3a759aed177cf78e530041d8a2
Created July 6, 2020 18:07
Expel Demisto
#!/usr/bin/env python
import copy
import io
import json
import os
import pprint
import sys
import time
from collections import OrderedDict
from urllib.parse import urlencode
@mwollenweber
mwollenweber / models.py
Last active February 12, 2016 19:54
gAudit Module to resolve and store IP addresses from Alexa
'''
services/alexa/models.py
Copyright Matthew Wollenweber 2014
mjw@insomniac.technology
1. Fetch the Alexa Top 1M list
2. Resolve the domain and www.domain to IP addresses
3. Insert those IPs into a database using SQLAlechemy
@mwollenweber
mwollenweber / gist:c9f6a65d0cc346a8ebc5
Created October 12, 2014 22:48
function addNetIDButtons(){
var rows = $('#emailRetentionTable').dataTable().fnGetNodes();
//var rows = oTable.fnGetNodes();
alert(rows.length);
for(var i=0; i<=rows.length; i++){
//get the cell contents of the email row
var data = rows[0].cells[0].innerHTML;
var pre = "<div class=\"btn-group\"><button type=\"button\" class=\"btn btn-default dropdown-toggle\" data-toggle=\"dropdown\"> ";
var post = " </button><ul class=\"dropdown-menu\" role=\"menu\"><li><a href=\"#\">Disable NetID</a></li><li><a href=\"#\">Enable NetID</a></li><li><a href=\"#\">View Audits</a></li><li><a href=\"#\">Queue Audit</a></li></ul></div></td> ";
@mwollenweber
mwollenweber / gist:01c026e302c33b9efc4b
Created October 9, 2014 17:59
<div class="container-fluid">
<div class="col-md-4">
<form role="form" class="retainSearch">
<div class="form-group">
<label for="searchField">Search By: </label>
<select class="form-control input-sm" name="searchField" id="searchField">
<option value="NetID">Netid</option>
<option value="lName">Family Name</option>
</select>
</div>
@mwollenweber
mwollenweber / gist:5687219
Last active December 17, 2015 23:09
#!/usr/bin/python
#base94 decode
tati_string = "replace me"
def decode(input):
output = 0
base = ' !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}'
power = 0
for c in input:
@mwollenweber
mwollenweber / dns_perf_test.py
Created April 7, 2011 03:13
Quick hack to compare performance of OpenDNS vs Google vs GW. Also checks blocking accuracy of dnsbh
#!/usr/bin/python
#Matthew Wollenweber
#[email protected]
import os,sys, ConfigParser
import time
import sqlite3
import urllib2
import urlparse