irt/gists
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Restructure repository: organize tools by purpose, create what search tool

Browse Source 
- Move single-file tools to tools/ organized by category (security, forensics, data, etc.)
- Move multi-file projects to projects/ (go-tools, puzzlebox, timesketch, rust-tools)
- Move system scripts to scripts/ (proxy, display, setup, windows)
- Organize config files in config/ (shell, visidata, applications)
- Move experimental tools to archive/experimental
- Create 'what' fuzzy search tool with progressive enhancement (ollama->fzf->grep)
- Add initial metadata database for intelligent tool discovery
- Preserve git history using 'git mv' commands
This commit is contained in:
tobias
2025-08-24 19:50:00 +02:00
parent 9518290544
commit 619b0bc432
124 changed files with 1063 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/display/reset_screens.sh Executable file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
xrandr --output DVI-I-1 --mode 1920x1080 --rotate left --pos 0x0
xrandr --output DP-1 --primary --mode 2560x1440 --pos 1080x350
xrandr --output DP-2 --mode 2560x1440 --pos 3640x350

3
scripts/display/toggle_display.sh Executable file
View File

@@ -0,0 +1,3 @@
#!/bin/bash
display=$(xrandr | grep -wi connected | grep -i hdmi | cut -f1 -d" ")
xrandr --output ${display} --primary

8
scripts/display/toggle_touchpad Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/bash
touchpad_id=$(xinput list | grep -i -e touch -e Synaptics | grep -Po '(?<=id=)\d+')
echo $touchpad_id
if (xinput list-props ${touchpad_id} | grep "Device Enabled" | grep -Po '\d$' | grep -q "1"); then
xinput disable "${touchpad_id}"
else
xinput enable "${touchpad_id}"
fi

21
scripts/proxy/get_proxy.sh Normal file
View File

@@ -0,0 +1,21 @@
#!/bin/bash
proxy_ip=$(env | grep http_proxy | grep -Pio '[^@/:]+(?=:\d+/?$)')
proxy_port=$(env | grep http_proxy | grep -Pio '(?<=:)(\d+)(?=/?$)')
if [ -z "${proxy_ip}" ]; then
echo "Enter Proxy IP or Hostname (no port): "
read proxy_ip
else
echo "Using >>${proxy_ip}<< as Proxy-Address"
fi
if [ -z "${proxy_port}" ]; then
echo -n "Proxy-Port: "
read proxy_port
else
echo "Using >>${proxy_port}<< as Proxy-Port"
fi
echo "Using ${proxy_ip}:${proxy_port} as Proxy!"

27
scripts/proxy/update_apt_proxy.sh Executable file
View File

@@ -0,0 +1,27 @@
#!/bin/bash
config_file='/etc/apt/apt.conf.d/80certproxy'
#remove proxy settings from docker
if [[ "${1}" == "off" ]]; then
echo "TURNING OFF PROXY FOR APT"
sudo rm -rf "${config_file}"
sudo snap unset system proxy.http
sudo snap unset system proxy.https
exit 0
fi
#populate proxy_ip and proxy_port variables
path=$(dirname $(readlink -f "${0}"))
. "${path}/get_proxy.sh"
echo -n "Username: "
read username
echo -n "Password: "
read -s password
encpassword=$(echo -n ${password} | xxd -p | sed -e 's/\(..\)/%\1/g' )
echo 'Acquire::http::Proxy "http://'"${username}:${encpassword}@${proxy_ip}:${proxy_port}/"'";' | sudo tee "${config_file}"
echo 'Acquire::http::Timeout "360";' | sudo tee -a "${config_file}"
echo "SETTING PROXY FOR SNAP ASWELL"
sudo snap set system proxy.http=http://${username}:${encpassword}@${proxy_ip}:${proxy_port}/
sudo snap set system proxy.https=http://${username}:${encpassword}@${proxy_ip}:${proxy_port}/

49
scripts/proxy/update_bashrc_proxy.sh Executable file
View File

@@ -0,0 +1,49 @@
#!/bin/bash
user=$(logname)
bashrc_file=/home/${user}/.bashrc
proxy_file=/home/${user}/.http_proxy
noproxy_file=/home/${user}/.http_noproxy
#turn off bashrc proxy settings
if [[ "${1}" == "off" ]]; then
echo "TURNING OFF PROXY IN BASHRC"
mv -v "${proxy_file}" "${proxy_file}.off"
exit 0
fi
#turn on bashrc proxy settings
if [[ "${1}" == "on" ]]; then
if [[ -f "${proxy_file}.off" ]] ; then
echo "TURNING ON PROXY IN BASHRC"
mv -v "${proxy_file}.off" "${proxy_file}"
exit 0
else
echo "No disabled Proxy-Config found. Creating a new one!"
fi
fi
marker="#PROXY_A93JK2"
path=$(dirname $(readlink -f "${0}"))
. "${path}/get_proxy.sh"
echo -n "Username: "
read username
echo -n "Password: "
read -s password
encpassword=$(echo -n ${password} | xxd -p | sed -e 's/\(..\)/%\1/g' )
if ! grep -qF -e "PROXY_A93JK2" "${bashrc_file}" ; then
echo "[ -f ${proxy_file} ] && . ${proxy_file} #PROXY_A93JK2" >> "${bashrc_file}"
fi
echo 'export "HTTP_PROXY=http://'"${username}"':"'"${encpassword}@${proxy_ip}:${proxy_port}/" > "${proxy_file}"
echo 'export "HTTPS_PROXY=http://'"${username}"':"'"${encpassword}@${proxy_ip}:${proxy_port}/" >> "${proxy_file}"
echo 'export "http_proxy=http://'"${username}"':"'"${encpassword}@${proxy_ip}:${proxy_port}/" >> "${proxy_file}"
echo 'export "https_proxy=http://'"${username}"':"'"${encpassword}@${proxy_ip}:${proxy_port}/" >> "${proxy_file}"
echo 'export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt' >> "${proxy_file}"
echo "[ -f ${noproxy_file} ] && . ${noproxy_file}" >> "${proxy_file}"
[ -f "${noproxy_file}" ] || echo 'export "NO_PROXY=localhost,127.0.0.1"' > "${noproxy_file}"

51
scripts/proxy/update_service_proxy.sh Executable file
View File

@@ -0,0 +1,51 @@
#!/bin/bash
services=(docker snapd)
function restart_services(){
echo "Reloading Systemd - Configfiles"
sudo systemctl daemon-reload
for service in ${services[*]} ; do
echo "Restarting Service $service"
sudo systemctl restart $service
done
}
#remove proxy settings from docker
if [[ "${1}" == "off" ]]; then
for service in ${services[*]} ; do
echo "TURNING OFF PROXY FOR ${service^^}"
sudo rm -v "/etc/systemd/system/${service}.service.d/http-proxy.conf"
done
restart_services
exit 0
fi
#populate proxy_ip and proxy_port variables
path=$(dirname $(readlink -f "${0}"))
. "${path}/get_proxy.sh"
echo -n "Username: "
read username
echo -n "Password: "
read -s password
#encpassword=$(perl -MURI::Escape -e 'print uri_escape($ARGV[0]);' "${password}")
#encpassword=$(echo -n ${password} | sed -e 's/\@/\\x40/g' -e 's/\!/\\x21/g' -e 's/\$/\\x24/g' -e 's/\*/\\x2a/g' -e 's/\%/\\x25/g' -e 's/\&/\\x26/g' -e 's/\#/\\x30/g')
encpassword=$(echo -n ${password} | xxd -p | sed -e 's/\(..\)/%%\1/g' )
for service in ${services[*]} ; do
if ! [[ -d "/etc/systemd/system/${service}.service.d" ]] ; then
sudo mkdir -p "/etc/systemd/system/${service}.service.d/"
fi
echo "[Service]" | sudo tee "/etc/systemd/system/${service}.service.d/http-proxy.conf" >/dev/null
echo 'Environment="HTTP_PROXY=http://'"${username}"':"'"${encpassword}@${proxy_ip}:${proxy_port}/" | sudo tee -a "/etc/systemd/system/${service}.service.d/http-proxy.conf" >/dev/null
echo 'Environment="HTTPS_PROXY=http://'"${username}"':"'"${encpassword}@${proxy_ip}:${proxy_port}/" | sudo tee -a "/etc/systemd/system/${service}.service.d/http-proxy.conf" >/dev/null
if [[ -z "$NO_PROXY" ]] ; then
echo -n 'Environment="NO_PROXY=localhost,127.0.0.1"' | sudo tee -a "/etc/systemd/system/${service}.service.d/http-proxy.conf" >/dev/null
else
echo 'Environment="'$(env | grep NO_PROXY)'"' | sudo tee -a "/etc/systemd/system/${service}.service.d/http-proxy.conf" >/dev/null
fi
done
restart_services

76
scripts/setup/automountctl Executable file
View File

@@ -0,0 +1,76 @@
#!/bin/bash
command="${1}"
# test if gsettings tool is installed
if ! (which gsettings 1>/dev/null) ; then
echo "need gsettings"
exit 1
fi
#test for existing mate settings
if (gsettings get org.mate.media-handling automount 1>/dev/null 2>/dev/null) ; then
mate=1
fi
#test for existing gnome settings
if (gsettings get org.gnome.desktop.media-handling automount 1>/dev/null 2>/dev/null) ; then
gnome=1
fi
#test if at least one of the known settings where found
if [ -z $mate ] && [ -z $gnome ] ; then
echo "No supported Settings found"
echo "mate : org.mate.media-handling automount"
echo "gnome: org.gnome.desktop.media-handling automount"
exit 1
fi
case ${command} in
on)
echo "turning on"
if [[ $mate -eq "1" ]] ; then
gsettings set org.mate.media-handling automount true
gsettings set org.mate.media-handling automount-open true
fi
if [[ $gnome -eq "1" ]] ; then
gsettings set org.gnome.desktop.media-handling automount true
gsettings set org.gnome.desktop.media-handling automount-open true
fi
;;
off)
echo "turning off"
if [[ $mate -eq "1" ]] ; then
gsettings set org.mate.media-handling automount false
gsettings set org.mate.media-handling automount-open false
fi
if [[ $gnome -eq "1" ]] ; then
gsettings set org.gnome.desktop.media-handling automount false
gsettings set org.gnome.desktop.media-handling automount-open false
fi
;;
*)
echo "Status:"
if [[ $mate -eq "1" ]] ; then
echo "# mate-settings found:"
echo " - org.mate.media-handling automount :"
echo -n " "
gsettings get org.mate.media-handling automount
echo " - org.mate.media-handling automount-open :"
echo -n " "
gsettings get org.mate.media-handling automount-open
fi
if [[ $gnome -eq "1" ]] ; then
echo "# gnome-settings found:"
echo " - org.gnome.desktop.media-handling automount :"
echo -n " "
gsettings get org.gnome.desktop.media-handling automount
echo " - org.gnome.desktop.media-handling automount-open :"
echo -n " "
gsettings get org.gnome.desktop.media-handling automount-open
fi
echo "-------------------"
echo "usage:"
echo " $0 on : turn on automount"
echo " $0 off : turn off automount"
esac

6
scripts/setup/share.sh Executable file
View File

@@ -0,0 +1,6 @@
#!/bin/bash
#ifconfig eth1 10.10.10.1/24
sysctl -w net.ipv4.conf.all.forwarding=1
iptables -t nat -F
iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE

35
scripts/setup/terminal-logs.sh Normal file
View File

@@ -0,0 +1,35 @@
disablefile=$(realpath ~/.notermlogs)
if [[ -f "${disablefile}" ]] ; then
echo "${disablefile} exists > Terminal - Logging is disabled"
else
if [[ -z "${termlogpid}" ]] ; then
export termlogpid="$(echo $$)"
export termlogsdir="${HOME}/termlogs"
export termlogfilename="${termlogsdir}/$(date +%Y-%m-%d_%H:%M:%S)_${termlogpid}"
if ! [[ -d "${termlogsdir}" ]] ; then
echo "Terminal log folder does not exist. ${termlogsdir} will be created..."
mkdir -v -p "${termlogsdir}"
fi
#Cleanup old files
echo "Removin Terminal Logs older than 30 days:"
find "${termlogsdir}" -type f -mtime +30
find "${termlogsdir}" -type f -mtime +30 -delete
#prepare outputfiles with proper permissions
touch "${termlogfilename}.termlog"
chmod 600 "${termlogfilename}.termlog"
touch "${termlogfilename}.termtime"
chmod 600 "${termlogfilename}.termtime"
#start logged session
script -t"${termlogfilename}.termtime" "${termlogfilename}.termlog"
#clean up after exiting
gzip "${termlogfilename}.termlog"
if [[ -f "/tmp/disablescreenrecord_${termlogpid}" ]] ; then
echo "Recording stopped for this session"
else
exit
fi
else
alias stop_termlog="touch /tmp/disablescreenrecord_${termlogpid} ; exit"
fi
fi

440
scripts/windows/Get-ZimmermanTools.ps1 Normal file
View File

@@ -0,0 +1,440 @@
<#
.SYNOPSIS
This script will discover and download all available programs from https://ericzimmerman.github.io and download them to $Dest
.DESCRIPTION
A file will also be created in $Dest that tracks the SHA-1 of each file, so rerunning the script will only download new versions. To redownload, remove lines from or delete the CSV file created under $Dest and rerun.
.PARAMETER Dest
The path you want to save the programs to.
.EXAMPLE
C:\PS> Get-ZimmermanTools.ps1 -Dest c:\tools
Downloads/extracts and saves details about programs to c:\tools directory.
.NOTES
Author: Eric Zimmerman
Date: January 22, 2019
#>
[CmdletBinding(DefaultParameterSetName="NoProxy")]
Param
(
[Parameter()]
[string]$Dest= (Resolve-Path "."), #Where to save programs to
#Specifies a proxy server for the request, rather than connecting directly to the Internet resource. Enter the URI of a network proxy server.
[Parameter(Mandatory=$true,
ParameterSetName="ProxyAlone")]
[Parameter(Mandatory=$true,
ParameterSetName="ProxyWithCreds")]
[Parameter(Mandatory=$true,
ParameterSetName="ProxyDefaultCreds")]
[string]$Proxy,
#Specifies a user account that has permission to use the proxy server that is specified by the Proxy parameter.
#Type a user name, such as "User01" or "Domain01\User01", or enter a PSCredential object, such as one generated by the Get-Credential cmdlet.
#This parameter is valid only when the Proxy parameter is also used in the command. You cannot use the ProxyCredential and ProxyUseDefaultCredentials parameters in the same command.
[Parameter(Mandatory=$true,
ParameterSetName="ProxyWithCreds")]
[pscredential]$ProxyCredential,
#Indicates that the cmdlet uses the credentials of the current user to access the proxy server that is specified by the Proxy parameter.
#This parameter is valid only when the Proxy parameter is also used in the command. You cannot use the ProxyCredential and ProxyUseDefaultCredentials parameters in the same command.
[Parameter(Mandatory=$true,
ParameterSetName="ProxyDefaultCreds")]
[switch]$ProxyUseDefaultCredentials
)
function Write-Color {
<#
.SYNOPSIS
Write-Color is a wrapper around Write-Host.
It provides:
- Easy manipulation of colors,
- Logging output to file (log)
- Nice formatting options out of the box.
.DESCRIPTION
Author: przemyslaw.klys at evotec.pl
Project website: https://evotec.xyz/hub/scripts/Write-Color-ps1/
Project support: https://github.com/EvotecIT/PSWriteColor
Original idea: Josh (https://stackoverflow.com/users/81769/josh)
.EXAMPLE
Write-Color -Text "Red ", "Green ", "Yellow " -Color Red,Green,Yellow
.EXAMPLE
Write-Color -Text "This is text in Green ",
"followed by red ",
"and then we have Magenta... ",
"isn't it fun? ",
"Here goes DarkCyan" -Color Green,Red,Magenta,White,DarkCyan
.EXAMPLE
Write-Color -Text "This is text in Green ",
"followed by red ",
"and then we have Magenta... ",
"isn't it fun? ",
"Here goes DarkCyan" -Color Green,Red,Magenta,White,DarkCyan -StartTab 3 -LinesBefore 1 -LinesAfter 1
.EXAMPLE
Write-Color "1. ", "Option 1" -Color Yellow, Green
Write-Color "2. ", "Option 2" -Color Yellow, Green
Write-Color "3. ", "Option 3" -Color Yellow, Green
Write-Color "4. ", "Option 4" -Color Yellow, Green
Write-Color "9. ", "Press 9 to exit" -Color Yellow, Gray -LinesBefore 1
.EXAMPLE
Write-Color -LinesBefore 2 -Text "This little ","message is ", "written to log ", "file as well." `
-Color Yellow, White, Green, Red, Red -LogFile "C:\testing.txt" -TimeFormat "yyyy-MM-dd HH:mm:ss"
Write-Color -Text "This can get ","handy if ", "want to display things, and log actions to file ", "at the same time." `
-Color Yellow, White, Green, Red, Red -LogFile "C:\testing.txt"
.EXAMPLE
# Added in 0.5
Write-Color -T "My text", " is ", "all colorful" -C Yellow, Red, Green -B Green, Green, Yellow
wc -t "my text" -c yellow -b green
wc -text "my text" -c red
.NOTES
CHANGELOG
Version 0.5 (25th April 2018)
-----------
- Added backgroundcolor
- Added aliases T/B/C to shorter code
- Added alias to function (can be used with "WC")
- Fixes to module publishing
Version 0.4.0-0.4.9 (25th April 2018)
-------------------
- Published as module
- Fixed small issues
Version 0.31 (20th April 2018)
------------
- Added Try/Catch for Write-Output (might need some additional work)
- Small change to parameters
Version 0.3 (9th April 2018)
-----------
- Added -ShowTime
- Added -NoNewLine
- Added function description
- Changed some formatting
Version 0.2
-----------
- Added logging to file
Version 0.1
-----------
- First draft
Additional Notes:
- TimeFormat https://msdn.microsoft.com/en-us/library/8kb3ddd4.aspx
#>
[alias('Write-Colour')]
[CmdletBinding()]
param (
[alias ('T')] [String[]]$Text,
[alias ('C', 'ForegroundColor', 'FGC')] [ConsoleColor[]]$Color = [ConsoleColor]::White,
[alias ('B', 'BGC')] [ConsoleColor[]]$BackGroundColor = $null,
[alias ('Indent')][int] $StartTab = 0,
[int] $LinesBefore = 0,
[int] $LinesAfter = 0,
[int] $StartSpaces = 0,
[alias ('L')] [string] $LogFile = '',
[Alias('DateFormat', 'TimeFormat')][string] $DateTimeFormat = 'yyyy-MM-dd HH:mm:ss',
[alias ('LogTimeStamp')][bool] $LogTime = $true,
[ValidateSet('unknown', 'string', 'unicode', 'bigendianunicode', 'utf8', 'utf7', 'utf32', 'ascii', 'default', 'oem')][string]$Encoding = 'Unicode',
[switch] $ShowTime,
[switch] $NoNewLine
)
$DefaultColor = $Color[0]
if ($null -ne $BackGroundColor -and $BackGroundColor.Count -ne $Color.Count) { Write-Error "Colors, BackGroundColors parameters count doesn't match. Terminated." ; return }
#if ($Text.Count -eq 0) { return }
if ($LinesBefore -ne 0) { for ($i = 0; $i -lt $LinesBefore; $i++) { Write-Host -Object "`n" -NoNewline } } # Add empty line before
if ($StartTab -ne 0) { for ($i = 0; $i -lt $StartTab; $i++) { Write-Host -Object "`t" -NoNewLine } } # Add TABS before text
if ($StartSpaces -ne 0) { for ($i = 0; $i -lt $StartSpaces; $i++) { Write-Host -Object ' ' -NoNewLine } } # Add SPACES before text
if ($ShowTime) { Write-Host -Object "[$([datetime]::Now.ToString($DateTimeFormat))]" -NoNewline} # Add Time before output
if ($Text.Count -ne 0) {
if ($Color.Count -ge $Text.Count) {
# the real deal coloring
if ($null -eq $BackGroundColor) {
for ($i = 0; $i -lt $Text.Length; $i++) { Write-Host -Object $Text[$i] -ForegroundColor $Color[$i] -NoNewLine }
} else {
for ($i = 0; $i -lt $Text.Length; $i++) { Write-Host -Object $Text[$i] -ForegroundColor $Color[$i] -BackgroundColor $BackGroundColor[$i] -NoNewLine }
}
} else {
if ($null -eq $BackGroundColor) {
for ($i = 0; $i -lt $Color.Length ; $i++) { Write-Host -Object $Text[$i] -ForegroundColor $Color[$i] -NoNewLine }
for ($i = $Color.Length; $i -lt $Text.Length; $i++) { Write-Host -Object $Text[$i] -ForegroundColor $DefaultColor -NoNewLine }
} else {
for ($i = 0; $i -lt $Color.Length ; $i++) { Write-Host -Object $Text[$i] -ForegroundColor $Color[$i] -BackgroundColor $BackGroundColor[$i] -NoNewLine }
for ($i = $Color.Length; $i -lt $Text.Length; $i++) { Write-Host -Object $Text[$i] -ForegroundColor $DefaultColor -BackgroundColor $BackGroundColor[0] -NoNewLine }
}
}
}
if ($NoNewLine -eq $true) { Write-Host -NoNewline } else { Write-Host } # Support for no new line
if ($LinesAfter -ne 0) { for ($i = 0; $i -lt $LinesAfter; $i++) { Write-Host -Object "`n" -NoNewline } } # Add empty line after
if ($Text.Count -ne 0 -and $LogFile -ne "") {
# Save to file
$TextToFile = ""
for ($i = 0; $i -lt $Text.Length; $i++) {
$TextToFile += $Text[$i]
}
try {
if ($LogTime) {
Write-Output -InputObject "[$([datetime]::Now.ToString($DateTimeFormat))]$TextToFile" | Out-File -FilePath $LogFile -Encoding $Encoding -Append
} else {
Write-Output -InputObject "$TextToFile" | Out-File -FilePath $LogFile -Encoding $Encoding -Append
}
} catch {
$_.Exception
}
}
}
#Setup proxy information for Invoke-WebRequest
[hashtable]$IWRProxyConfig = @{}
if ($Proxy){
$IWRProxyConfig.Add("Proxy",$Proxy)
}
if ($ProxyCredential){
$IWRProxyConfig.Add("ProxyCredential",$ProxyCredential)
}
if ($ProxyUseDefaultCredentials){
$IWRProxyConfig.Add("ProxyUseDefaultCredentials",$true)
}
Write-Color -LinesBefore 1 "This script will discover and download all available programs" -BackgroundColor Blue
Write-Color "from https://ericzimmerman.github.io and download them to $Dest" -BackgroundColor Blue -LinesAfter 1
Write-Color "A file will also be created in $Dest that tracks the SHA-1 of each file,"
Write-Color "so rerunning the script will only download new versions."
Write-Color -LinesBefore 1 -Text "To redownload, remove lines from or delete the CSV file created under $Dest and rerun. Enjoy!" -LinesAfter 1
$TestColor = (Get-Host).ui.rawui.ForegroundColor
if ($TestColor -eq -1)
{
$defaultColor = [ConsoleColor]::Gray
} else {
$defaultColor = $TestColor
}
$newInstall = $false
if(!(Test-Path -Path $Dest ))
{
Write-Color -Text "* ", "$Dest does not exist. Creating..." -Color Green,$defaultColor
New-Item -ItemType directory -Path $Dest > $null
$newInstall = $true
}
$URL = "https://raw.githubusercontent.com/EricZimmerman/ericzimmerman.github.io/master/index.md"
$WebKeyCollection = @()
$localDetailsFile = Join-Path $Dest -ChildPath "!!!RemoteFileDetails.csv"
if (Test-Path -Path $localDetailsFile)
{
Write-Color -Text "* ", "Loading local details from '$Dest'..." -Color Green,$defaultColor
$LocalKeyCollection = Import-Csv -Path $localDetailsFile
}
$toDownload = @()
#Get zips
$progressPreference = 'silentlyContinue'
$PageContent = (Invoke-WebRequest @IWRProxyConfig -Uri $URL -UseBasicParsing).Content
$progressPreference = 'Continue'
$regex = [regex] '(?i)\b(https)://[-A-Z0-9+&@#/%?=~_|$!:,.;]*[A-Z0-9+&@#/%=~_|$].(zip|txt)'
$matchdetails = $regex.Match($PageContent)
Write-Color -Text "* ", "Getting available programs..." -Color Green,$defaultColor
$progressPreference = 'silentlyContinue'
while ($matchdetails.Success) {
$headers = (Invoke-WebRequest @IWRProxyConfig -Uri $matchdetails.Value -UseBasicParsing -Method Head).Headers
$getUrl = $matchdetails.Value
$sha = $headers["x-bz-content-sha1"]
$name = $headers["x-bz-file-name"]
$size = $headers["Content-Length"]
$details = @{
Name = [string]$name
SHA1 = [string]$sha
URL = [string]$getUrl
Size = [string]$size
}
$webKeyCollection += New-Object PSObject -Property $details
$matchdetails = $matchdetails.NextMatch()
}
$progressPreference = 'Continue'
Foreach ($webKey in $webKeyCollection)
{
if ($newInstall)
{
$toDownload+= $webKey
continue
}
$localFile = $LocalKeyCollection | Where-Object {$_.Name -eq $webKey.Name}
if ($null -eq $localFile -or $localFile.SHA1 -ne $webKey.SHA1)
{
#Needs to be downloaded since SHA is different or it doesnt exist
$toDownload+= $webKey
}
}
if ($toDownload.Count -eq 0)
{
Write-Color -LinesBefore 1 -Text "* ", "All files current. Exiting." -Color Green,Blue -LinesAfter 1
return
}
$downloadedOK = @()
$destFile = ""
$name = ""
$i=0
$dlCount= $toDownload.Count
Write-Color -Text "* ", "Files to download: $dlCount" -Color Green,$defaultColor
foreach($td in $toDownload)
{
$p = [math]::round( ($i/$toDownload.Count) *100, 2 )
#Write-Host ($td | Format-Table | Out-String)
try
{
$dUrl = $td.URL
$size = $td.Size
$name = $td.Name
Write-Progress -Activity "Updating programs...." -Status "$p% Complete" -PercentComplete $p -CurrentOperation "Downloading $name"
$destFile = [IO.Path]::Combine($Dest, $name)
$progressPreference = 'silentlyContinue'
Invoke-WebRequest @IWRProxyConfig -Uri $dUrl -OutFile $destFile -ErrorAction:Stop -UseBasicParsing
Write-Color -Text "* ", "Downloaded $name (Size: $size)" -Color Green,Blue
if ( $name.endswith("zip") )
{
Expand-Archive -Path $destFile -DestinationPath $Dest -Force
}
$downloadedOK += $td
}
catch
{
$ErrorMessage = $_.Exception.Message
Write-Color -Text "* ", "Error downloading $name ($ErrorMessage). Wait for the run to finish and try again by repeating the command" -Color Green,Red
}
finally
{
$progressPreference = 'Continue'
if ( $name.endswith("zip") )
{
remove-item -Path $destFile
}
}
$i+=1
}
#Write-Host ($webKeyCollection | Format-Table | Out-String)
#Downloaded ok contains new stuff, but we need to account for existing stuff too
foreach($webItems in $webKeyCollection)
{
#Check what we have locally to see if it also contains what is in the web collection
$localFile = $LocalKeyCollection | Where-Object {$_.SHA1 -eq $webItems.SHA1}
#if its not null, we have a local file match against what is on the website, so its ok
if ($null -ne $localFile)
{
#consider it downloaded since SHAs match
$downloadedOK+=$webItems
}
}
Write-Color -LinesBefore 1 -Text "* ", "Saving downloaded version information to $localDetailsFile" -Color Green,$defaultColor -LinesAfter 1
$downloadedOK | export-csv -Path $localDetailsFile
# SIG # Begin signature block
# MIIOCQYJKoZIhvcNAQcCoIIN+jCCDfYCAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB
# gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR
# AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQU3h3hKI/PCw9Fhvn2sUIunz8M
# gFmgggtAMIIFQzCCBCugAwIBAgIRAOhGMy2+0dm4G+A32Y4gvJwwDQYJKoZIhvcN
# AQELBQAwfDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3Rl
# cjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMSQw
# IgYDVQQDExtTZWN0aWdvIFJTQSBDb2RlIFNpZ25pbmcgQ0EwHhcNMTkxMjI1MDAw
# MDAwWhcNMjMwMzI0MjM1OTU5WjCBkjELMAkGA1UEBhMCVVMxDjAMBgNVBBEMBTQ2
# MDQwMQswCQYDVQQIDAJJTjEQMA4GA1UEBwwHRmlzaGVyczEcMBoGA1UECQwTMTU2
# NzIgUHJvdmluY2lhbCBMbjEaMBgGA1UECgwRRXJpYyBSLiBaaW1tZXJtYW4xGjAY
# BgNVBAMMEUVyaWMgUi4gWmltbWVybWFuMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
# MIIBCgKCAQEAtU2gix6QVzDg+YBDDNyZj1kPFwPDhTbojEup24x3swWNCI14P4dM
# Cs6SKDUPmKhe8k5aLpv9eacsgyndyYkrcSGFCwUwbTnetrn8lzOFu53Vz4sjFIMl
# mKVSPfKE7GBoBcJ8jT3LKoB7YzZF6khoQY84fOJPNOj7snfExN64J6KVQlDsgOjL
# wY720m8bN/Rn+Vp+FBXHyUIjHhhvb+o29xFmemxzfTWXhDM2oIX4kRuF/Zmfo9l8
# n3J+iOBL/IiIVTi68adYxq3s0ASxgrQ4HO3veGgzNZ9KSB1ltXyNVGstInIs+UZP
# lKynweRQJO5cc7zK64sSotjgwlcaQdBAHQIDAQABo4IBpzCCAaMwHwYDVR0jBBgw
# FoAUDuE6qFM6MdWKvsG7rWcaA4WtNA4wHQYDVR0OBBYEFGsRm7mtwiWCh8MSEbEX
# TwjtcryvMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoG
# CCsGAQUFBwMDMBEGCWCGSAGG+EIBAQQEAwIEEDBABgNVHSAEOTA3MDUGDCsGAQQB
# sjEBAgEDAjAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBD
# BgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29S
# U0FDb2RlU2lnbmluZ0NBLmNybDBzBggrBgEFBQcBAQRnMGUwPgYIKwYBBQUHMAKG
# Mmh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQUNvZGVTaWduaW5nQ0Eu
# Y3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTAfBgNVHREE
# GDAWgRRlcmljQG1pa2VzdGFtbWVyLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAhX//
# xLBhfLf4X2OPavhp/AlmnpkQU8yIZv8DjVQKJ0j8YhxClIAgyuSb/6+q+njOsxMn
# ZDoCAPlzG0P74e1nYTiw3beG6ePr3uDc9PjUBxDiHgxlI69mlXYdjiAircV5Z8iU
# TcmqJ9LpnTcrvtmQAvN1ldoSW4hmHIJuV0XLOhvAlURuPM1/C9lh0K65nH3wYIoU
# /0pELlDfIdUxL2vOLnElxCv0z07Hf9yw+3grWHJb54Vms6o/xYxZgqCu02DH0q1f
# KrNBwtDkLKKObBF54wA7LdaDGbl3CJXQVRmgokcDI/izmZJxHAHebdbj4zVFyCND
# sMRySmbR+m58q/jv3DCCBfUwggPdoAMCAQICEB2iSDBvmyYY0ILgln0z02owDQYJ
# KoZIhvcNAQEMBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5
# MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBO
# ZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0
# aG9yaXR5MB4XDTE4MTEwMjAwMDAwMFoXDTMwMTIzMTIzNTk1OVowfDELMAkGA1UE
# BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2Fs
# Zm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMSQwIgYDVQQDExtTZWN0aWdv
# IFJTQSBDb2RlIFNpZ25pbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
# AoIBAQCGIo0yhXoYn0nwli9jCB4t3HyfFM/jJrYlZilAhlRGdDFixRDtsocnppnL
# lTDAVvWkdcapDlBipVGREGrgS2Ku/fD4GKyn/+4uMyD6DBmJqGx7rQDDYaHcaWVt
# H24nlteXUYam9CflfGqLlR5bYNV+1xaSnAAvaPeX7Wpyvjg7Y96Pv25MQV0SIAhZ
# 6DnNj9LWzwa0VwW2TqE+V2sfmLzEYtYbC43HZhtKn52BxHJAteJf7wtF/6POF6Yt
# VbC3sLxUap28jVZTxvC6eVBJLPcDuf4vZTXyIuosB69G2flGHNyMfHEo8/6nxhTd
# VZFuihEN3wYklX0Pp6F8OtqGNWHTAgMBAAGjggFkMIIBYDAfBgNVHSMEGDAWgBRT
# eb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUDuE6qFM6MdWKvsG7rWcaA4Wt
# NA4wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYw
# FAYIKwYBBQUHAwMGCCsGAQUFBwMIMBEGA1UdIAQKMAgwBgYEVR0gADBQBgNVHR8E
# STBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNB
# Q2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsG
# AQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRk
# VHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5j
# b20wDQYJKoZIhvcNAQEMBQADggIBAE1jUO1HNEphpNveaiqMm/EAAB4dYns61zLC
# 9rPgY7P7YQCImhttEAcET7646ol4IusPRuzzRl5ARokS9At3WpwqQTr81vTr5/cV
# lTPDoYMot94v5JT3hTODLUpASL+awk9KsY8k9LOBN9O3ZLCmI2pZaFJCX/8E6+F0
# ZXkI9amT3mtxQJmWunjxucjiwwgWsatjWsgVgG10Xkp1fqW4w2y1z99KeYdcx0BN
# YzX2MNPPtQoOCwR/oEuuu6Ol0IQAkz5TXTSlADVpbL6fICUQDRn7UJBhvjmPeo5N
# 9p8OHv4HURJmgyYZSJXOSsnBf/M6BZv5b9+If8AjntIeQ3pFMcGcTanwWbJZGehq
# jSkEAnd8S0vNcL46slVaeD68u28DECV3FTSK+TbMQ5Lkuk/xYpMoJVcp+1EZx6El
# QGqEV8aynbG8HArafGd+fS7pKEwYfsR7MUFxmksp7As9V1DSyt39ngVR5UR43QHe
# sXWYDVQk/fBO4+L4g71yuss9Ou7wXheSaG3IYfmm8SoKC6W59J7umDIFhZ7r+YMp
# 08Ysfb06dy6LN0KgaoLtO0qqlBCk4Q34F8W2WnkzGJLjtXX4oemOCiUe5B7xn1qH
# I/+fpFGe+zmAEc3btcSnqIBv5VPU4OOiwtJbGvoyJi1qV3AcPKRYLqPzW0sH3DJZ
# 84enGm1YMYICMzCCAi8CAQEwgZEwfDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
# ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2Vj
# dGlnbyBMaW1pdGVkMSQwIgYDVQQDExtTZWN0aWdvIFJTQSBDb2RlIFNpZ25pbmcg
# Q0ECEQDoRjMtvtHZuBvgN9mOILycMAkGBSsOAwIaBQCgeDAYBgorBgEEAYI3AgEM
# MQowCKACgAChAoAAMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEEMBwGCisGAQQB
# gjcCAQsxDjAMBgorBgEEAYI3AgEVMCMGCSqGSIb3DQEJBDEWBBSub3DNneg8U2SV
# 3eSlV1WAf1WW3jANBgkqhkiG9w0BAQEFAASCAQBfJ7rjKfvcpG38nVyhlWsnJY5h
# udJfTzZ4Cd5CSNnf84dPyLFqMCjk6PhCzFteJ6JimvoOiCu0N0DRYjIGaL6+iKWK
# P5IBFWyNSmH3PN3ENjmOj0xTnKdodJ8Uos9GmYT7JXtodYpO2fxTKyq5yAwY1dY4
# jmrDdQgseRoR99UTzVO7BZHsBbDj6mT3Jo1NVCD5fgz1CtMi++fFYlayOUPwDBr0
# DnV0yg0wR6CPMH37Qx2Y6jRpD5Yk9BrypT50rY9ORayOL0qav4srjVVN8MwMHjcq
# PMarEg4Hyq+Q91i4+z0xp+PwWNuwwbdrrJaQwa6FXgbC3GJgCHqTNnVbZPh2
# SIG # End signature block

11
scripts/windows/getscreen.psm1 Normal file
View File

@@ -0,0 +1,11 @@
Function Get-Screen
{
[void][Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
$size = [Windows.Forms.SystemInformation]::VirtualScreen
$bitmap = new-object Drawing.Bitmap $size.width, $size.height
$graphics = [Drawing.Graphics]::FromImage($bitmap)
$graphics.CopyFromScreen($size.location,[Drawing.Point]::Empty, $size.size)
$graphics.Dispose()
$bitmap.Save($args[0])
$bitmap.Dispose()
}

48
scripts/windows/sbom.ps1 Normal file
View File

@@ -0,0 +1,48 @@
# Get a list of all installed software from the Windows software library
$installedSoftware = Get-Package
# Get a list of all installed Windows updates
$installedUpdates = Get-HotFix
# Get a list of all Chocolatey packages
$chocoPackages = choco list --localonly
# Create a variable to hold all of the information
$sbom = @()
# Add the installed software to the SBOM
$sbom += $installedSoftware
# Add the formatted updates to the SBOM
$sbom += $installedUpdates
# Add the Chocolatey packages to the SBOM
$sbom += $chocoPackages
# Get the folder path
$folderPath = "C:\Forensic Program Files"
# Get all EXE files in the folder and its subfolders
$exeFiles = Get-ChildItem $folderPath -Recurse -Filter "*.exe"
# Create a variable to hold the EXE file information
$exeInfo = @()
# Loop through each EXE file
foreach ($exeFile in $exeFiles) {
# Get the file version information
$fileVersion = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($exeFile.FullName)
# Add the EXE file information to the array
$exeInfo += New-Object PSObject -Property @{
"Path" = $exeFile.FullName
"Product Name" = $fileVersion.ProductName
"Product Version" = $fileVersion.ProductVersion
}
}
# Add the EXE file information to the SBOM
$sbom += $exeInfo
# Export the SBOM to a CSV file
$sbom | Export-Csv C:\tmp\sbom.csv -NoTypeInformation