{"id":14064261,"url":"https://github.com/jbooz1/WindowsScripts","last_synced_at":"2025-07-29T17:33:04.449Z","repository":{"id":191334056,"uuid":"110276859","full_name":"jbooz1/WindowsScripts","owner":"jbooz1","description":"Some scripts and things that are useful for Windows things","archived":false,"fork":false,"pushed_at":"2019-07-23T20:40:19.000Z","size":12,"stargazers_count":16,"open_issues_count":0,"forks_count":3,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-08-13T07:06:25.831Z","etag":null,"topics":["mof","powershell","powershell-script","windows"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jbooz1.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2017-11-10T17:57:46.000Z","updated_at":"2024-08-12T19:33:57.000Z","dependencies_parsed_at":null,"dependency_job_id":"c24e9ec0-a5dc-4ada-9132-6bbf15400819","html_url":"https://github.com/jbooz1/WindowsScripts","commit_stats":null,"previous_names":["jbooz1/windowsscripts"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jbooz1%2FWindowsScripts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jbooz1%2FWindowsScripts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jbooz1%2FWindowsScripts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jbooz1%2FWindowsScripts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jbooz1","download_url":"https://codeload.github.com/jbooz1/WindowsScripts/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228032926,"owners_count":17858918,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["mof","powershell","powershell-script","windows"],"created_at":"2024-08-13T07:03:46.837Z","updated_at":"2024-12-04T02:31:29.007Z","avatar_url":"https://github.com/jbooz1.png","language":"PowerShell","funding_links":[],"categories":["PowerShell"],"sub_categories":[],"readme":"# WindowsScripts  \nSome scripts and things that are useful for Windows things  \nThanks to Dr. Mike O'Leary (Twitter: [@MikeOlearyTU](https://twitter.com/MikeOLearyTu) ) and his book [Cyber Operations](https://www.apress.com/us/book/9781484242933) for a lot of these  \n\n\n## Misc\n1. AutorunRegistryLocations -- a handful of autorun locations in registry and how to query them using PSExec\n2. changePasswords.bat  -- Batch one-liner to change all the passwords in a domain\n3. disable_Psexec -- Magical Spell that will turn off PSexec for you\n  \n## MOF\n1. cmdeveryminute -- MOF file that will fire off a command prompt every minute\n2. processToPayload -- MOF file that will fire off a payload or other program of your choosing each time that another program starts up\n\n## Powershell\n1. bulkaddusers  --  Add a whole bunch of users to AD from a CSV file\n2. changepasswords -- Change the passwords for all the users in a domain\n3. createdUserDected -- Query the event log to determine if any new users have been added\n4. disableNetBiosTcpip -- Disable NetBIOS over TCP on every adapter for every system in a domain\n5. newSchTaskAudit -- Query all computers on a domain for new Scheduled Tasks\n6. newServicesAudit -- Query the event log to find any services that have been created on any domain computer in the the last X amount of time\n7. OUmove -- Move users in and out of an Active Directory Organizational Unit\n8. registryChangeAudit -- Query the domain computers for any registry values that have been changed in the last X amount of time\n9. setDirectoryAuditRule -- Set the permissions of a directory on every computer in the domain\n10. StartupDirectoryList -- List the files that are in each users startup directory on every computer on the domain\n11. wmiDetect -- List the WMI Subscriptions for each computer on the domain\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjbooz1%2FWindowsScripts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjbooz1%2FWindowsScripts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjbooz1%2FWindowsScripts/lists"}