Security
Set registry key to prevent spoofing of the Netbios Name Service.
Read MoreRemoves registry key to prevent spoofing of the Netbios Name Service.
Read MoreRemoves registry key to prevent spoofing of Link-Local Multicast Name Resolution.
Read MoreSets registry key to prevent spoofing of Link-Local Multicast Name Resolution.
Read MoreScript Desc: Deletes the registry key in CVE-2023-36884: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 This script disables the registry key described in this link here. Use this script to undo the changes made to protect against the Storm-0978 exploit.
Read MoreEnable the mitigation in the registry per CVE-2023-36884 instructions: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 This script is designed to protect your system against the Storm-0978 exploit. If you’re using Microsoft Defender for Office, you’re already safe from harmful attachments that could use this exploit. The script also employs a feature that stops all Office applications from starting up processes…
Read MoreUse this script to automate the process of mitigating CVE-2023-32019 across your environment. The CVE is disabled by default. This script enables it. Click here to see the summary of why it is disabled by default and what it does: How To Manage The Vulnerability Associated With CVE-2023-32019. This script enables the CVE-2023-32019 on Windows…
Read MoreMigrates a business licensed version of SentinelOne to a new mgmt server. Must edit first two lines of the script with the new server url and binding. Will prompt for the passphrase when ran. Can report using $S1$, $S1error$.
Read MoreFolder of scripts that contain information gathering and regulation for IPv4/v6 enabled interfaces. These scripts are 1) for detecting if a machine has a public IPv4 address 2) if a machine has any IPv6 address 3) removing IPv6 from interfaces. Additional IP Regulation scripts can be added to this collection upon request.
Read MoreInstalls the SonicWall Capture client (SentinelOne). You will need to provide the download location link as provided in the Cloud console (Management, Client Installers, Copy link). Reboot will usually be needed. CaptureClient will pop up on users screen, so let them know to ignore… It will also show them a reboot is needed).
Read More