@64 I85YL64
I85YL64
/ Get-StaleADUserAccounts.ps1
Created
December 19, 2022 10:04
— forked from trevorbryant/Get-StaleADUserAccounts.ps1
Dirty PowerShell audit script to query against accounts management non-compliance to FISMA (loosely)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Super duper dumb PS script to query ActiveDirectory for misconfigured User accounts. | |
| # Created by Trevor Bryant (@apporima) | |
| # Get-StaleADUserAccounts.ps1 version 1.0.0 | |
| # Set variables | |
| $timestamp = (Get-Date -f HHmmss_MMddyyyy) | |
| $ADDomainInfo = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() | |
| $ADDomainInfoMode = $ADDomainInfo.DomainMode | |
| $ADDomainInfoName = $ADDomainInfo.Name | |
| $Export = "C:\temp\AD_Audit\Stale_AD_User_Account_Audit_$ADDomainInfoName`_$timestamp.csv" |
I85YL64
/ Get-ADGroupEnum.ps1
Created
December 19, 2022 10:04
— forked from trevorbryant/Get-ADGroupEnum.ps1
Enumerate member objects of target Active Directory group
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $Users = @() | |
| $Export = @() | |
| $RecursiveUsers = @() | |
| $AdminGroups = $args | |
| ForEach ($Group in $args) { | |
| Get-ADGroupMember "$Group" -ErrorAction SilentlyContinue | ForEach-Object { | |
| $Export = New-Object -TypeName PSObject |
I85YL64
/ Windows Event Collection - Primary User Logons
Created
December 19, 2022 10:00
— forked from trevorbryant/Windows Event Collection - Primary User Logons
Splunk dashboard for Windows Event Collection - Primary User Logons
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <form> | |
| <label>Windows Event Collection - Primary User Logons</label> | |
| <description>Filtered search for identifying non-administrative log on to servers.</description> | |
| <fieldset submitButton="false" autoRun="true"> | |
| <input type="text" token="computername" searchWhenChanged="true"> | |
| <label>Computer Name (FQDN)</label> | |
| <default>*</default> | |
| <initialValue>*</initialValue> | |
| </input> | |
| <input type="text" token="workstationname" searchWhenChanged="true"> |
I85YL64
/ DhashIcon.py
Created
January 21, 2022 13:31
— forked from fr0gger/DhashIcon.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| # Thomas Roccia | IconDhash.py | |
| # pip3 install lief | |
| # pip3 install pillow | |
| # resource: https://www.hackerfactor.com/blog/?/archives/529-Kind-of-Like-That.html | |
| import lief | |
| import os | |
| import argparse |
I85YL64
/ counter-surveillance-mobile-best-practices.md
Created
November 25, 2017 21:22
— forked from 161chihuahuas/counter-surveillance-mobile-best-practices.md