Silent Break Security silentbreaksec
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [DllImport("shell32.dll", SetLastError = true)] | |
| static extern IntPtr CommandLineToArgvW([MarshalAs(UnmanagedType.LPWStr)] string lpCmdLine, out int pNumArgs); | |
| public static string[] CommandLineToArgs(string commandLine) | |
| { | |
| int argc; | |
| var argv = CommandLineToArgvW(commandLine, out argc); | |
| if (argv == IntPtr.Zero) | |
| throw new System.ComponentModel.Win32Exception(); | |
| try |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user nginx; | |
| worker_processes auto; | |
| pid /usr/local/nginx/logs/nginx.pid; | |
| include /etc/nginx/conf.d/*.conf; | |
| worker_rlimit_nofile 50000; | |
| events { | |
| worker_connections 50000; | |
| } |
silentbreaksec
/ SysmonStartup.bat
Created
March 2, 2018 23:39
Windows batch file to deploy Sysmon using a startup script via GPO
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| :: Author: Ryan Watson | |
| :: Twitter: @gentlemanwatson | |
| :: Version: 1.0 | |
| :: Credits: Credit to Syspanda.com and their Sysmon GPO article for the kick off point | |
| :: https://www.syspanda.com/index.php/2017/02/28/deploying-sysmon-through-gpo/ | |
| :: ** IMPORTANT ** | |
| :: 1) Create a Sysmon folder with the SYSVOL share on your domain controller | |
| :: 2) Download Sysmon from Microsoft and place both sysmon.exe and sysmon64.exe in |
silentbreaksec
/ helk-installer.sh
Created
February 6, 2018 17:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # HELK Installation Script (Elasticsearch, Logstash, Kibana & Nginx) | |
| # HELK build version: 0.9 (BETA Script) | |
| # Author: Roberto Rodriguez @Cyb3rWard0g | |
| # Description: This script installs every single component of the ELK Stack plus Nginx | |
| # Blog: https://cyberwardog.blogspot.com/2017/02/setting-up-pentesting-i-mean-threat_98.html | |
| # Fork version: 0.1 | |
| # Fork Author: Ryan Watson @gentlemanwatson |