| Name | Description |
|---|---|
| Comments | Additional information that should be displayed for diagnostic purposes. |
|
Wes wesinator
wesinator
/ chrome_94_csp_bug_tab_create.js
Last active
October 4, 2021 14:24
Snippet for chrome extension to open tab, attempting to work around Chrome 94 CSP bug. Requires `debugger` permission in manifest. https://bugs.chromium.org/p/chromium/issues/detail?id=1245803
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| chrome.tabs.create({ | |
| url: tabUrl, | |
| index: tab.index + 1, | |
| active: false | |
| }, | |
| function (tab) { | |
| const m = navigator.userAgent.match(/Chrome\/([\d]+)/); | |
| /* attempt to workaround issue introduced in Chrome 94+ | |
| https://bugs.chromium.org/p/chromium/issues/detail?id=1245803 |
wesinator
/ windows_pe_resource_metadata.md
Last active
December 24, 2021 12:29
Table of PE resource metadata fields. https://docs.microsoft.com/en-us/windows/win32/menurc/stringfileinfo-block#remarks
wesinator
/ ms_hwc_driver_no_info.yara
Created
July 30, 2021 11:43
YARA rule that matches MS HWC signed KmdfLibrary driver PE binaries without Product resource info, like the NetFilter rootkit.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import "vt" | |
| rule ms_hwc_sig_kmdf_driver_no_prod_info | |
| { | |
| meta: | |
| license = "4-Clause BSD" | |
| strings: | |
| $ms_hwc_serial = { 33 00 00 00 B5 21 3F CA 1E 4A A0 3D E4 00 00 00 00 00 B5 } | |
| $kmdf_library = "KmdfLibrary" nocase wide ascii | |
| $prod_name = "ProductName" wide |
wesinator
/ jquery_get_cursor.js
Last active
June 10, 2021 14:47
jquery way of getting cursor current position (`selectionStart`), without hardcoding element ID. https://www.geeksforgeeks.org/how-to-insert-text-into-the-textarea-at-the-current-cursor-position/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| https://www.geeksforgeeks.org/how-to-insert-text-into-the-textarea-at-the-current-cursor-position/ | |
| https://stackoverflow.com/questions/4069982/document-getelementbyid-vs-jquery | |
| */ | |
| $(e.selector)[0].selectionStart | |
| // use selectionEnd to get delta of selected text | |
| $(e.selector)[0].selectionEnd |
wesinator
/ 8484.disable_java_in_IE.reg
Created
February 16, 2021 23:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| ; First set the URLAction to control APPLET behavior | |
| ; Zone 3 is the Internet zone | |
| ; 1C00 is the Java invocation policy | |
| ; dword:00000000 sets the policy to disable | |
| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] | |
| "1C00"=dword:00000000 | |
| ; Then set the Internet Explorer kill bit to block OBJECT tag invocation |
wesinator
/ extract_solarwinds_orion.sh
Created
December 17, 2020 05:24
Extract Solarwinds Orion package archive from installer file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 7z e CoreInstaller.msi OrionCore.cab |
wesinator
/ mac_brew_python_version.sh
Created
December 9, 2020 22:22
Restore previous python version from homebrew upgrade
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # If python3.9 was installed, this will revert python3 to use 3.8 (if still present in brew cellar) | |
| brew link --overwrite python@3.8 |
wesinator
/ snort.conf
Last active
December 10, 2020 08:46
Sane macOS homebrew snort 2.9 config file. (You should really just use suricata anyway)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #-------------------------------------------------- | |
| # VRT Rule Packages Snort.conf | |
| # | |
| # For more information visit us at: | |
| # http://www.snort.org Snort Website | |
| # http://vrt-blog.snort.org/ Sourcefire VRT Blog | |
| # | |
| # Mailing list Contact: snort-users@lists.snort.org | |
| # False Positive reports: fp@sourcefire.com | |
| # Snort bugs: bugs@snort.org |
wesinator
/ tlp.conf
Last active
October 31, 2020 17:41
/etc/tlp.conf for laptop Nvidia power management settings, disable Bluetooth on startup. https://wiki.archlinux.org/index.php/TLP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ------------------------------------------------------------------------------ | |
| # /etc/tlp.conf - TLP user configuration | |
| # See full explanation: https://linrunner.de/en/tlp/docs/tlp-configuration.html | |
| # | |
| # New configuration scheme (TLP 1.3). Settings are read in the following order: | |
| # 1. Intrinsic defaults | |
| # 2. /etc/tlp.d/*.conf - Drop-in customization snippets | |
| # 3. /etc/tlp.conf - User configuration (this file) | |
| # |
wesinator
/ atom_regex_replacement_defanging.regex
Last active
December 30, 2023 16:07
Text editor regex replacement examples
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| \.(\w{3})\n | |
| [.]$1\n |