Using Google Chrome or MS Edge: Disable Javascript post page load. 1. Open console in dev tools 2. press ctrl - alt - p 3. In the run dialog blox type in javascript and select "Disable Javascript" Disable CSS from loading 1. Open console in dev tools 2. press ctrl - alt - p 3. In the run dialog box type in "Network request blocking" 4. on the drawer that appears check "Enable Network request blocking" 5. Click the plus button and add pattern 6. type in pattern "*.css"
Just Notes
These are just random notes and programs that may have incomplete descriptions. Any scripts or programs use at your risk
Tuesday, August 15, 2023
Websites that disable right click and highlight bypass
Tuesday, June 20, 2023
Powershell - Microsoft Graph reports - Get MFA status of users.
Select-MgProfile -Name "beta"
$TenantId = "XXXXX"
$AppId = "XXXXX"
Connect-MgGraph -ClientId $AppId -TenantId $TenantId -CertificateThumbprint "XXXXXXX"
$report = Get-MgReportCredentialUserRegistrationDetail -all
$report| select @{name="AuthMethods";e={$_.AuthMethods -join ","}},IsCapable,IsEnabled,IsMfaRegistered,IsRegistered,UserDisplayName,UserPrincipalName | Select UserPrincipalName,UserDisplayName,IsCapable,IsEnabled,IsMfaRegistered,IsRegistered,AuthMethods | export-csv -NoTypeInformation -Path "c:\reports\MFA - MFA Audit Logs.csv"
Disconnect-MgGraph
Thursday, June 1, 2023
Custom View for Events NTLMv1 on a DC
<QueryList>
<Query Id="0" Path="Security">
<Select Path="Security">*[System[(EventID=4624)] and EventData[Data[@Name='LmPackageName']='NTLM V1']]</Select>
</Query>
</QueryList>
Friday, March 17, 2023
Powershell: Get all DNS records from AD DNS
Import-Module DnsServer
# Set the output folder
$outputFolder = "C:\temp\Final"
$DNSServer = DNSServer.com
# Get all DNS zones
$zones = Get-DnsServerZone -ComputerName $DNSServer
# Loop through each zone and export its records to a separate CSV file
foreach ($zone in $zones) {
$records = Get-DnsServerResourceRecord -ZoneName $zone.ZoneName -ComputerName $DNSServer| `
select hostname,`
recordtype,`
type,timestamp,`
timetolive,`
@{n='Data';e={$rr = $_;`
switch ($rr.RecordType) {
'A' {$rr.RecordData.IPv4Address}
'CNAME' {$rr.RecordData.HostnameAlias}
'NS' {$rr.RecordData.NameServer}
'SOA' {$rr.RecordData.PrimaryServer}
'SRV' {$rr.RecordData.DomainName}
'PTR' {$rr.RecordData.PtrDomainName}
'MX' {$rr.RecordData.MailExchange}
'AAAA' {$rr.RecordData.IPv6Address}
'TXT' {$rr.RecordData.DescriptiveText}
}}}
$outputFile = "$outputFolder\$($zone.ZoneName).csv"
$records | Export-Csv -NoTypeInformation -path $outputFile
}
# Output confirmation message
Write-Host "DNS records exported to $outputFolder."
Thursday, February 2, 2023
Powershell: AD DHCP scope information
Needed a script to export dhcp scope and scope id for a domain.
$report = @() $DHCPServer = DHCPServerHostname $scopes =Get-DhcpServerv4Scope -ComputerName $DHCPServer foreach ($scope in $Scopes){ $scopeID = $scope.ScopeId $report += Get-DhcpServerv4OptionValue -ScopeId $scopeID -ComputerName $DHCPServer |` select @{name="ScopeID";e={$scopeID}},OptionID,Name,Type,@{Name="Value";e={$_.value -join ";"} } $report | export-csv -NoTypeInformation -path "c:\temp\DHCPScopeIDwithOption.csv" $scopes | export-csv -NoTypeInformation -path "c:\temp\DHCPScopeIDwithMask.csv"
Monday, August 9, 2021
Powershell - Extract ADFS certificates from ADFS server
Wrote script so people specify the adfs server and the signature and encryption certificate will extract the certs to two files stored in c:\temp
# just put in the ADFS server name
$AdfsServer = 'adfs.microsoft.com'
[xml]$XmlDocument = (New-Object System.Net.WebClient).DownloadString("https://$AdfsServer/FederationMetadata/2007-06/FederationMetadata.xml")
#ADFS Signing Certificate
$Cert = $xmldocument.entitydescriptor.roledescriptor.keydescriptor | select Use,@{Name="x509"; Expression={(($_.keyinfo).X509data).x509certificate}}
#Sign Cert
$cert | ? {$_.use -eq "signing"} | select -ExpandProperty x509 | out-file c:\temp\Signcert.cer
#Encryption Cert
$cert | ? {$_.use -eq "encryption"} | select -ExpandProperty x509 | out-file c:\temp\Encryptioncert.cer
$Cert
Wednesday, July 29, 2020
Powershell - Get certificate information
List Certificate Templates
function get-CertificateTemplates { [CmdletBinding()] Param ( [Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)] [string]$forest ) $DefaultPartition = Get-ADDomainController -Server $forest | select -expand DefaultPartition $configcontext = "CN=Configuration,$($DefaultPartition)" $ADSI = [ADSI]"LDAP://CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext" $ADSI.Children | Sort-Object Name | Select-Object DisplayName, Name, msPKI-Cert-Template-OID } List Certificate CDP info function get-CertificateCDP { [CmdletBinding()] Param ( [Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)] [string]$forest ) $DefaultPartition = Get-ADDomainController -Server $forest | select -expand DefaultPartition $configcontext = "CN=Configuration,$($DefaultPartition)" $ADSI = [ADSI]"LDAP://CN=cdp,CN=Public Key Services,CN=Services,$ConfigContext" $ADSI.Children | select cn,Children,path } List Certificate Auhtorities in forest - requires activedirectory module function get-CertificationAuthorities { [CmdletBinding()] Param ( [Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)] [string]$forest ) $DefaultPartition = Get-ADDomainController -Server $forest | select -expand DefaultPartition $configcontext = "CN=Configuration,$($DefaultPartition)" $ADSI = [ADSI]"LDAP://CN=Certification Authorities,CN=Public Key Services,CN=Services,$ConfigContext" $ADSI.Children | select name,whenCreated }
-
Running solidcore you may run into a problem where you have to disable it with out using epo or the local CLI Here are the steps. ...
-
Wrote this to get certificate expiration information for certificates that expired 5 days ago to ones that expire in 90 days. Wrap an invoke...
-
List Certificate Templates function get-CertificateTemplates { [ CmdletBinding ()] Param ( [ Parameter ( Mandatory = $True, Va...