Matthew Dowst mdowst
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Checks the WinRE environment on the local machine to see if it has been patched against CVE-2024-20666 | |
| .DESCRIPTION | |
| Runs the reagentc command to get the WinRE path. Then runs DISM to get the version and build. | |
| The version and build are checked against the values listed in the CVE to ensure that the | |
| WinRE environment has been patched. | |
mdowst
/ Find-AutomationRunAsAccounts.ps1
Last active
August 30, 2023 14:56
This script contains functions to help you identify potential runbooks still using Run As accounts.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| This script contains functions to help you identify potential runbooks still using Run As accounts. | |
| If requires that you have the Az modules installed and that you are authenticated to Azure. | |
| Azure Automation Run As Account will retire on September 30, 2023 and will be replaced with Managed Identities. | |
| Before that date, you'll need to migrate your runbooks to use managed identities. | |
| However, just the presence of a Run As account doesn’t mean a it is being used. Often these were just created | |
| during the automation account provisioning. This script help to determine if you are using the Run As account | |
| by search through the runbooks to find references to the Run As Account actually being called. Then finds the |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| This script was created to test the output and runtimes for Azure Automation runbooks running in different regions. | |
| It is scope to only us regions. Update line 23 to use different areas. | |
| #> | |
| $SubscriptionId = '' | |
| $ResourceGroupName = '' | |
| $Runbook = 'Test-Sandbox' | |
| if ($(Get-AzContext).Subscription.SubscriptionId -ne $SubscriptionId) { | |
| Set-AzContext -SubscriptionId $SubscriptionId -ErrorAction SilentlyContinue |
mdowst
/ FindTwitterFriendsOnMastodon.ps1
Last active
December 16, 2022 14:13
Find Twitter Friends on Mastodon
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Uses BluebirdPS to get all of the people you follow on Twitter. | |
| Then searches their profile for potential Mastodon usernames. | |
| To setup BluebirdPS: https://github.com/thedavecarroll/BluebirdPS | |
| #> | |
| $TwitterFriends = Get-TwitterFriends | |
| # The property fields to search | |
| $properties = 'Name','Description' | |
mdowst
/ AzureVM-Log4j.ps1
Last active
January 7, 2022 16:56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| This script will query all Azure Subscriptions for Windows Virtual Machines and check them for the presence of potential Log4j vulnerabilities. | |
| It checks for Java installations and search all files for Log4j JAR files. This is not a conclusive scan, but is a good way to quickly | |
| identify potentially at risk machines. | |
| To function correctly, the VM requires connectivity (port 443) to Azure public IP addresses. | |
| Updated 12/22/2021 - Now includes ability to scan Arc servers | |
| The account running this script must have read access to the VMs along with |
mdowst
/ Out-GridViewCode
Created
June 3, 2019 16:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Out-GridViewCode{ | |
| <# | |
| .SYNOPSIS | |
| Sends output to an interactive table in a separate window. With extended support to display Out-GridView as main window when using VS Code | |
| .DESCRIPTION | |
| The Out-GridView cmdlet sends the output from a command to a grid view window where the output is displayed in an interactive table. However, when you use VS Code the window appears in the background. Running this wrapper will bring the window to the front. | |
| Parameters remain the same as the orginal Out-GridView | |
mdowst
/ RemoveWsusDeadline.ps1
Last active
August 16, 2024 21:27
This script can be used to remove all deadlines from approved updates in WSUS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Use to remove all or past deadlines from WSUS | |
| .PARAMETER WsusServer | |
| Name of the remote machine running WSUS server. Defaults to localhost. | |
| .PARAMETER UseSecureConnection | |
| If set to true, uses SSL instead of HTTP. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Encode-LogAnalyticsQuery{ | |
| <# | |
| .SYNOPSIS | |
| This function is used by the Write-LogAnalyticsURL Function to encode the query string for the URL. | |
| .DESCRIPTION | |
| This function outputs a compressed Base64 string based in the QueryString value passed to it. | |
| .PARAMETER QueryString | |
| The query you want to create a URL for. |
mdowst
/ Search-PSScripts.ps1
Last active
November 29, 2018 20:53
A PowerShell function usedto search the text inside PowerShell scripts for a particular string
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Search-PSScripts{ | |
| <# | |
| .SYNOPSIS | |
| Use to search the text inside PowerShell scripts for a particular string | |
| .PARAMETER SearchString | |
| The string to search for inside the script file | |
| .PARAMETER Path | |
| The folder path to search for PowerShell files in. Default to userprofile if not specified. |
mdowst
/ curator-action.yml
Created
June 17, 2018 19:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Remember, leave a key empty if there is no value. None will be a string, | |
| # not a Python "NoneType" | |
| actions: | |
| 1: | |
| action: close | |
| description: close indices | |
| options: | |
| delete_aliases: False | |
| timeout_override: | |
| continue_if_exception: True |
NewerOlder