Andree Renneus trackd
trackd
/ linux_print_argv.c
Last active
October 30, 2023 22:31
— forked from jborean93/linux_print_argv.c
Code that can be used to generate an executable that can print how it receives arguments
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include<stdio.h> | |
| // gcc print_argv.c -o print_argv | |
| int main(int argc, char *argv[]) | |
| { | |
| int i; | |
| for(i = 1;i < argc;i++) | |
| { | |
| printf("[%d] %s\n", i, argv[i]); |
trackd
/ Scan-LOLDrivers.ps1
Last active
November 1, 2023 11:24
— forked from IISResetMe/Scan-LOLDrivers.ps1
minor refactor, outputs objects etc.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Scan-LOLDrivers { | |
| <# | |
| .EXAMPLE | |
| Scan-LOLDrivers -Path C:\Windows\System32\drivers | |
| $Results = Scan-LOLDrivers -Path C:\Windows\inf | |
| $Results | Select-Object * | |
| $Results[0].all | |
| $Results[0].all.KnownVulnerableSamples | |
| .EXAMPLE | |
| $iwantitall = 'C:\WINDOWS\inf', |
trackd
/ LOLDriverConfig.ps1
Created
October 31, 2023 13:45
— forked from jsecurity101/LOLDriverConfig.ps1
PowerShell script that creates an audit or block Sysmon config based off of LOLDrivers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Author: Jonathan Johnson (@jsecurity101) | |
| function New-DriverConfig { | |
| <# | |
| .EXAMPLE | |
| New-DriverConfig -Block | |
| Creates driver block config in the current directory | |
| .EXAMPLE |
trackd
/ ConvertTo-TableFormat.ps1
Last active
January 14, 2024 16:49
— forked from indented-automation/ConvertTo-TableFormat.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function ConvertTo-TableFormat { | |
| <# | |
| .SYNOPSIS | |
| Rebuild an object based on the Format Data for the object. | |
| .DESCRIPTION | |
| Allows an object to be rebuilt based on the view data for the object. Uses Select-Object to create a new PSCustomObject. | |
| #> | |
| [CmdletBinding()] | |
| param ( |
trackd
/ Get-WTSSessionInfo.ps1
Last active
March 26, 2024 11:50
— forked from jborean93/Get-WTSSessionInfo.ps1
Tries to replicate qwinsta but return structured objects
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2022, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Add-Type -TypeDefinition @' | |
| using System; | |
| using System.Runtime.InteropServices; | |
| namespace Wtsapi32 | |
| { | |
| public enum WtsConnectState |
trackd
/ Measure-ChildItem.ps1
Last active
April 10, 2024 00:31
— forked from indented-automation/Measure-ChildItem.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Measure-ChildItem { | |
| <# | |
| .SYNOPSIS | |
| Recursively measures the size of a directory. | |
| .DESCRIPTION | |
| Recursively measures the size of a directory. | |
| Measure-ChildItem uses win32 functions, returning a minimal amount of information to gain speed. Once started, the operation cannot be interrupted by using Control and C. The more items present in a directory structure the longer this command will take. | |
| This command supports paths longer than 260 characters. |