tracywhodoesnot

tracywhodoesnot / delete_temp_files.bat
Created October 6, 2023 13:19
Delete temporary files in Windows 11
@echo off
setlocal
:: Set the backup directory (change the path as needed)
set "backupDir=C:\TempBackup"
:: Create a timestamp for the backup folder name
for /f "tokens=1-4 delims=/ " %%a in ('date /t') do (set mydate=%%c-%%a-%%b)
for /f "tokens=1-3 delims=/:." %%a in ("%TIME: =0%") do (set mytime=%%a-%%b-%%c)
set "timestamp=%mydate%_%mytime%"
tracywhodoesnot / network_optimization.bat
Created October 6, 2023 13:15
Windows 11 network optimization batch file
@echo off
setlocal EnableDelayedExpansion
REM Check if running as administrator
net session >nul 2>&1
if %errorLevel% == 0 (
echo Running as administrator...
) else (
echo This batch file must be run as administrator!
pause
tracywhodoesnot / index.html
Created May 9, 2023 03:38
Tracy_Expandable_Cloud_Resume
<html>
<head>
<script src="https://code.jquery.com/jquery-2.2.4.min.js" integrity="sha256-BbhdlvQf/xTY9gja0Dq3HiwQF8LaCRTXxZKRutelT44=" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/three.js/r128/three.min.js"></script>
<script src="https://www.vantajs.com/dist/vanta.waves.min.js"></script>
<link href="https://fonts.googleapis.com/css?family=Share+Tech|Share+Tech+Mono" rel="stylesheet" />
<title>Tracy Cloud Resume</title>
<!-- Add jQuery -->
tracywhodoesnot / index.html
Created May 7, 2023 14:45
Tracy_Expandable_Cloud_Resume
<html>
<head>
<script src="https://code.jquery.com/jquery-2.2.4.min.js" integrity="sha256-BbhdlvQf/xTY9gja0Dq3HiwQF8LaCRTXxZKRutelT44=" crossorigin="anonymous"></script>
<link href="https://fonts.googleapis.com/css?family=Share+Tech|Share+Tech+Mono" rel="stylesheet" />
<title>Designs by Laighlin</title>
</head>
<body onload="draw()">
<canvas id="bg"></canvas>
Import-Module AzureAD
Connect-AzureAD
$adGroupId = "<Azure AD Group Id here>"
$users = Get-AzureADGroupMember -ObjectId $adGroupId
foreach ($u in $users)
{
# These keyword values can be obtained with: logman query providers Microsoft-Windows-Kernel-Registry
[Flags()]
enum RegistryOptions {
CloseKey = 0x00000001
QuerySecurityKey = 0x00000002
SetSecurityKey = 0x00000004
EnumerateValueKey = 0x00000010
QueryMultipleValueKey = 0x00000020
SetInformationKey = 0x00000040
FlushKey = 0x00000080
tracywhodoesnot / EventLogAuditing.ps1
Created March 25, 2021 13:10 — forked from mattifestation/EventLogAuditing.ps1
Example code used to automate the process of auditing event log security descriptors.
# Run the following from an elevated PowerShell session
# This hashtable will be used to store access rights granted to each group.
$PrincipalGrouping = @{}
# Enumerate all installed event logs
Get-WinEvent -ListLog * | ForEach-Object {
$LogName = $_.LogName
# Convert the security descriptor SDDL string to a security descriptor object.
tracywhodoesnot / windows_hardening.cmd
Created March 24, 2021 18:44 — forked from mackwage/windows_hardening.cmd
Script to perform some hardening of Windows OS
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run this on the computers of family members to secure them but not increase the chances of them having to call you to troubleshoot something related to it later on.) References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out, as they could lead to compatibility issues in common consumer setups, but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:
tracywhodoesnot / WMI_attack_detection.ps1
Created March 16, 2021 23:02 — forked from mattifestation/WMI_attack_detection.ps1
BlueHat 2016 - WMI attack detection demo
#region Scriptblocks that will execute upon alert trigger
$LateralMovementDetected = {
$Event = $EventArgs.NewEvent
$EventTime = [DateTime]::FromFileTime($Event.TIME_CREATED)
$MethodName = $Event.MethodName
$Namespace = $Event.Namespace
$Object = $Event.ObjectPath
$User = $Event.User