Skip to content

Instantly share code, notes, and snippets.

View jasond2014's full-sized avatar

jasond2014

0 followers · 27 following
View GitHub Profile
@jasond2014
jasond2014 / Invoke-PasswordRoll.ps1
Created June 19, 2024 10:42 — forked from ahhh/Invoke-PasswordRoll.ps1
Microsoft helper script to change the local account passwords
function Invoke-PasswordRoll
{
<#
.SYNOPSIS
This script can be used to set the local account passwords on remote machines to random passwords. The username/password/server combination will be saved in a CSV file.
The account passwords stored in the CSV file can be encrypted using a password of the administrators choosing to ensure clear-text account passwords aren't written to disk.
The encrypted passwords can be decrypted using another function in this file: ConvertTo-CleartextPassword
Function: Invoke-PasswordRoll
Author: Microsoft
Version: 1.0
@jasond2014
jasond2014 / README.md
Created June 1, 2024 01:56 — forked from magnetikonline/README.md
Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers.

Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers

Tip

Microsoft active directory servers by default provide LDAP connections over unencrypted connections (boo!).

The steps below will create a new self signed certificate appropriate for use with and thus enabling LDAPS for an AD server. Of course the "self-signed" portion of this guide can be swapped out with a real vendor purchased certificate if required.

Steps have been tested successfully with Windows Server 2012R2, but should work with Windows Server 2008 without modification. Requires a working OpenSSL install (ideally Linux/OSX) and (obviously) a Windows Active Directory server.

@jasond2014
jasond2014 / Get-ADFSCertificate-Token-Signing.ps1
Created April 18, 2024 09:53 — forked from jhochwald/Get-ADFSCertificate-Token-Signing.ps1
ADFS Authentication with Exchange troubleshooting
Get-ADFSCertificate Token-Signing | Select-Object Thumbprint
@jasond2014
jasond2014 / Get-SharesWithShareAndNTFSPermissions
Created April 12, 2024 14:26 — forked from Juanito99/Get-SharesWithShareAndNTFSPermissions
List File-Shares with Share and NTFS Permissions in PowerShell
<#
License terms
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
#>
#get all Shares
@jasond2014
jasond2014 / cfapi-ddns-worker.js
Created April 1, 2024 07:17 — forked from Gowee/cfapi-ddns-worker.js
A DDNS-friendly wrapper/proxy for Cloudflare API with fine-grained permission control, deployed on Cloudflare Workers
// CloudFlare API token
// for zone: example.com (Edit)
const CLOUDFLARE_API_TOKEN = "TO_BE_FILLED";
// Currently, there seems not to be a way to get zone ids with tokens. So hardcode it here.
// https://community.cloudflare.com/t/bug-in-list-zones-endpoint-when-using-api-token/115048
// Trailing dots CANNOT BE OMITTED.
const ZONES = {
"example.org.": {
id: "TO_BE_FILLED"
},
@jasond2014
jasond2014 / PowerShellLab_Setup.md
Created December 4, 2023 05:43 — forked from jdhitsolutions/PowerShellLab_Setup.md
Detailed instructions for setting up the PowerShellLab for my Pluralsight courses.

PowerShell Lab Detailed Setup Instructions

For my Pluralsight PowerShell courses, you are welcome to use any lab environment you wish. It should include an Active Directory domain with at least a domain controller, a Windows 10 client, and a Windows Server 2016 or 2019 member server. You will need to modify the course files to fit your environment. At this point in time, Windows Server 2022 remains untested for my labs.

However, I am going to recommend that you use a free PowerShell module called PSAutoLab. I encourag you to look at the README document on the project's Github repository before proceeding. If you need help with the module or its commands, you will use the repository's Issue section.

PSAutolab

Please refer to this document to assist in installing and setting up the PSAutolab module on your computer. Run all commands from an elevated Windows PowerShell

@jasond2014
jasond2014 / Vmess + TCP + TLS 方式的 HTTP 分流和网站伪装.md
Created November 4, 2022 02:28 — forked from liberal-boy/Vmess + TCP + TLS 方式的 HTTP 分流和网站伪装.md
Vmess + TCP + TLS 方式的 HTTP 分流和网站伪装

TCP + TLS + Web

背景

  • 目前 Vmess + WebSocket + TLS (以下简称 wss)方式,因其特征如同 HTTPS 流量,可以隐藏 V2Ray 路径,主动侦测会得到正常 HTTP 网站响应,具有良好的伪装能力,目前被广泛用于反审查。

  • 但是如此强大的伪装能力,需要付出严重的性能代价:TLS 1.3 握手需要消耗 1-rtt,WS 握手也需要消耗 1-rtt,增大了握手延迟。V2Ray 增加了 mux 以减少握手的发生,然而实际使用中 mux 体验并不好,很多用户选择关闭。

  • 最近兴起了一个新的反审查工具——Trojan,这个工具将一个类似 Socks 的协议直接通过 TLS 传输,并将认证失败的流量交由 Web 服务器处理。降低 WS 延迟的同时,提供与 wss 方式一样的伪装能力。但是该工具较为年轻,没有路由功能,各平台图形化客户端也不完善。

@jasond2014
jasond2014 / Example.com-Password-Expiration-Notifications.ps1
Created September 15, 2022 01:52 — forked from meoso/Example.com-Password-Expiration-Notifications.ps1
PowerShell Active Directory Password Expiration Email Notification
#################################################################################################################
#
# Password-Expiration-Notifications v20220823
# Highly Modified fork. https://gist.github.com/meoso/3488ef8e9c77d2beccfd921f991faa64
#
# Originally from v1.4 @ https://gallery.technet.microsoft.com/Password-Expiry-Email-177c3e27
# https://windowspoweressentials.com/2017/02/21/powershell-password-reminder-script-updated/
# https://github.com/titlerequired/public
# Robert Pearman (WSSMB MVP)
# TitleRequired.com
@jasond2014
jasond2014 / Get-AzOrphanedVolumes.ps1
Created July 7, 2022 01:13 — forked from RylandDeGregory/Get-AzOrphanedVolumes.ps1
Generate a report of all Azure and AWS disks (volumes) that are not attached to a virtual machine. Output to stdout or to CSV file.
#Requires -Version 6.0
#Requires -Modules Az.Accounts, Az.ResourceGraph
<#
.SYNOPSIS
Generate a report of Azure orphaned volumes
.DESCRIPTION
Generate a report of Azure Disks which are not attached to any virtual machine
.EXAMPLE
Process all Azure Subscriptions and write results to stdout
.\Get-AzOrphanedVolumes.ps1
@jasond2014
jasond2014 / 0_introduction.md
Created June 23, 2022 15:41 — forked from justinhartman/0_introduction.md
Setup Azure Ubuntu 18.04 LEMP VM

How To Install Nginx, MySQL, PHP, SFTP on an Ubuntu Azure Virtual Machine

This series of documents will configure and setup a Nginx, MySQL, and PHP (LEMP) server on a basic Standard B1s (1 vcpus, 1 GiB memory) Ubuntu 16.04 or 18.04 LTS Virtual Machine on Microsoft Azure.

This will also install other useful packages and configurations for SFTP and a fully automated SSL service using certbot for Let's Encrypt.

The B1s is Azure's entry level Linux VM and only comes with 1 GiB memory so