Find the culprit that prevents ejection of Flash Drives or any other unit.
wevtutil qe System /q:"*[System[(EventID=225)]]" /c:5 /f:text /rd:true
RomelSan
/ Eject USB Units.md
Last active
September 8, 2023 05:50
Find the culprit that prevents ejection of Flash Drives or any other unit.
mklement0
/ Invoke-WithEncoding.ps1
Last active
September 7, 2023 18:59
PowerShell function for invoking native (external) programs with a specified character encoding
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Prerequisites: PowerShell v3+ | |
| License: MIT | |
| Author: Michael Klement <[email protected]> | |
| DOWNLOAD and DEFINITION OF THE FUNCTION: | |
| irm https://gist.github.com/mklement0/ef57aea441ea8bd43387a7d7edfc6c19/raw/Invoke-WithEncoding.ps1 | iex |
mklement0
/ Debug-NativeInOutput.ps1
Last active
September 7, 2023 18:59
PowerShell function for diagnosing character-encoding problems when communication with native (external) programs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Prerequisites: PowerShell v3+ | |
| License: MIT | |
| Author: Michael Klement <[email protected]> | |
| DOWNLOAD and DEFINITION OF THE FUNCTION: | |
| irm https://gist.github.com/mklement0/eac1f18fbe0fc2798b214229b747e5dd/raw/Debug-NativeInOutput.ps1 | iex |
virtualsafety
/ tcp_flags.txt
Created
December 27, 2020 02:14
— forked from tuxfight3r/tcp_flags.txt
tcpdump - reading tcp flags
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##TCP FLAGS## | |
| Unskilled Attackers Pester Real Security Folks | |
| ============================================== | |
| TCPDUMP FLAGS | |
| Unskilled = URG = (Not Displayed in Flag Field, Displayed elsewhere) | |
| Attackers = ACK = (Not Displayed in Flag Field, Displayed elsewhere) | |
| Pester = PSH = [P] (Push Data) | |
| Real = RST = [R] (Reset Connection) | |
| Security = SYN = [S] (Start Connection) |
cutiful
/ mastodon-ip.md
Last active
March 21, 2024 04:00
Detecting the real IP of a Cloudflare'd Mastodon instance
NB: This will not work for instances that proxy outgoing requests!
I wanted to find a way to detect the real IP address of a Mastodon/Pleroma/Misskey/etc instance hosted behind Cloudflare. How to do that? Well, it's federated, which means I can probably get it to send a request to a server of mine! And how to do that? I tried reading the ActivityPub spec. The following caught my attention:
Servers should not trust client submitted content, and federated servers also should not trust content received from a server other than the content's origin without some form of verification.
mklement0
/ Debug-String.ps1
Last active
August 24, 2023 06:40
PowerShell function to visualize control characters and Unicode characters in strings
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Prerequisites: PowerShell v5.1 and above (verified; may also work in earlier versions) | |
| License: MIT | |
| Author: Michael Klement <[email protected]> | |
| DOWNLOAD and DEFINITION OF THE FUNCTION: | |
| irm https://gist.github.com/mklement0/7f2f1e13ac9c2afaf0a0906d08b392d1/raw/Debug-String.ps1 | iex |
mklement0
/ Out-HostColored.ps1
Last active
December 13, 2024 14:56
PowerShell function that colors portions of the default host output that match given patterns.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Prerequisites: PowerShell version 2 or above. | |
| License: MIT | |
| Author: Michael Klement <[email protected]> | |
| DOWNLOAD, from PowerShell version 3 or above: | |
| irm https://gist.github.com/mklement0/243ea8297e7db0e1c03a67ce4b1e765d/raw/Out-HostColored.ps1 | iex |
virtualsafety
/ replace.go
Created
September 4, 2020 06:53
— forked from dallarosa/replace.go
Answer to http://stackoverflow.com/questions/26152901/replace-a-line-in-text-file-golang
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "io/ioutil" | |
| "log" | |
| "strings" | |
| ) | |
| func main() { | |
| input, err := ioutil.ReadFile("myfile") |
RomelSan
/ ListPrivilegedServices.ps1
Last active
September 8, 2023 05:59
List privileged services that don't come with Windows 10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # List privileged services that don't come with Windows 10 | |
| # Exclusion List for Win10 built in | |
| $exclusion = @('AppVClient', 'ClickToRunSvc', 'COMSysApp', 'diagnosticshub.standardcollector.service', | |
| 'msiserver', 'ose', 'perceptionsimulation', 'SecurityHealthService', 'Sense', | |
| 'SensorDataService', 'SgrmBroker', 'Spooler', 'ssh-agent', 'TieringEngineService', | |
| 'TrustedInstaller', 'UevAgentService', 'vds', 'VSS', 'wbengine', 'WinDefend', 'wmiApSrv', | |
| 'WSearch', 'SamSs') | |
| # Get Service List with LocalSystem and Startmode Auto and does not contain svchost.exe (Also exclude the ones from the list) |
mklement0
/ Get-CharInfo.ps1
Last active
June 9, 2024 20:29
PowerShell function that retrieves information about Unicode characters and categories.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Prerequisites: PowerShell v3+ | |
| License: MIT | |
| Author: Michael Klement <[email protected]> | |
| DOWNLOAD and DEFINITION OF THE FUNCTION: | |
| irm https://gist.github.com/mklement0/25694cbb8e10a7044b36a310e1243959/raw/Get-CharInfo.ps1 | iex |