Scripts

Disclaimer: All content is for informational research, learning, and exchange purposes only, to be used in a lawful and compliant manner. Thank you.

Introduction

The project involves interdisciplinary applications and analysis of information: desktop baseline checks, software activation/cracking, antivirus evasion and privilege escalation, firmware identification and read/write for penetration support, host account null password detection, Wi-Fi password scanning, cloud host security hardening, host system log analysis, natural language processing, and data analysis in humanities and social sciences.

• System Platforms: Windows/Mac/Linux; Scripting Languages: Multiple, flexible; customized as needed.
• Research Focus: Basic information automation, cloud host/local desktop security processing, social science information technology, and data analysis.

The project code involves component version compatibility issues. <a href="https://nbviewer.org/github/Excalibra/scripts/blob/main/d-ipynb/Platform%20Compatibility%20Issues.ipynb">Click here</a> for more details; regarding the inability to preview ipynb on GitHub, please refer here; to generate automated information processing reports, check the d-xlsx directory for more details.

Windows Server Domain Controller

Daily operation records of a domain administrator.

<details> <summary><b>Click for details</b></summary> Script Locations:

• https://github.com/Excalibra/scripts/tree/main/d-python-dc
• https://github.com/Excalibra/scripts/tree/main/d-pwsh-dc

Illustrated Versions:

• Code for adding watermarks to domain controller computer screens, suitable for intranet office environments
• DEV - 【PowerShell】Batch add permissions based on text content
• DEV - 【PowerShell】Convert NTFS folder security permissions to corresponding shared permissions (project)
• DEV - Check which shared folders a user has permissions for and remove those permissions
• DEV - A simple script for exporting domain accounts (requires regex)
• DEV - 【PowerShell】Domain user management, file authorization, organizational unit, and domain user restoration

</details>

Windows Desktop Technical Baseline Check

First, ensure that PowerShell is enabled on your system:

• Enable PowerShell feature: Set-ExecutionPolicy RemoteSigned
• Disable PowerShell feature: Set-ExecutionPolicy Restricted

<details> <summary><b>Click for Details</b></summary>

One-click usage, local download <a href="https://dev.to/excalibra/script-for-checking-windows-baselines-c3i">Graphical Version</a>

<pre><code> irm https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/refs/heads/main/d-pwsh/frontline_helpdesk.ps1|iex</code></pre>

Feature Overview:

<ol> <li>Check IP and network device connectivity status</li> <li>Check printer, print spooler, and scanner status</li> <li>Check basic driver information for hard drives, CPUs, memory, graphics cards, etc.</li> <li>Check device security, recent updates, scheduled tasks, certificate policies, system core file access control</li> <li>Check host active sharing protocol-related information</li> <li>Check computer sleep, reboot frequency, abnormal shutdown, program crashes, etc.</li> <li>Execute all functions of options 1–6</li> <li>Generate analysis reports for "Device Driver Check", "Five-Day Warning Events", "Login/Logout Activity Logs", "Monthly Threat Overview"</li> <li>View guidance and development instructions</li> </ol>

By the way

Linux baseline check (PR) can be found at: <a href="https://github.com/al0ne/LinuxCheck">al0ne/LinuxCheck</a>. For Macs, maintaining these security services is not suitable for small and medium-sized businesses.

<ul> <li><a href="https://www.apple.com/business/docs/site/Mac_Deployment_Overview.pdf">Apple - Mac System Deployment</a></li> <li><a href="https://excalibra.github.io/2025/01-22/01">vmware - Correct Approach to Purchasing Apple Devices for Enterprises</a></li> </ul>

In the broader context, this article <a href="https://excalibra.github.io/2025/01-22/01">Three Methods to Manage Mac Computers in Enterprises</a> mentions management strategies that are considered effective, but compared to Windows, they are still not sufficient.

</details>

Windows Enterprise Basic Environment Requirements

Main Involves:

• IE, Windows Defender, Windows Update, Flash & Chrome v87, DingTalk silent installation, automatic printer installation
• File checksum tools: MD5, SHA1, SHA256 hash calculation, comparison, verification tools.
• C drive space cleanup: Application local cache, Windows.old, Windows upgrade logs, files, etc. One-click cleanup script (C drive Thanos script).
• Basic skills required for job positions, IQ and EQ assessment, salary range summary, and demand analysis.

<details> <summary><b>Click for Details</b></summary> <p>Prevent Edge hijacking IE <a href="#">Graphical Version</a></p> <pre><code>curl -L https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/refs/heads/main/d-bat/keep_ie.bat|cmd</code></pre> <ul> <li>Note【1】: <a href="https://dev.to/excalibra/batch-processing-for-setting-ie-homepage-trusted-security-zones-compatibility-view-and-m1j">Domain Controller IE Template Graphical Version</a></li> <li>Note【2】: Code Address: <a href="https://github.com/Excalibra/scripts/blob/main/d-bat/ie-kanzen.bat">https://github.com/Excalibra/scripts/blob/main/d-bat/ie-kanzen.bat</a></li> </ul> <p>Calculate IE compatible view website hex, one-click usage.</p> <pre><code> irm https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/refs/heads/main/d-pwsh/clac_ie_clearablelistdata_hex.ps1|iex </code></pre> <p>One-click permanently disable Windows update settings <a href="https://dev.to/excalibra/overview-of-creating-a-batch-file-to-disable-windows-updates-3ami">Graphical Version</a></p> <pre><code>curl -L https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/refs/heads/main/d-bat/stop_update.bat|cmd</code></pre> <p>One-click restore disabled Windows update settings</p> <pre><code>curl -L https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/refs/heads/main/d-bat/re_update.bat|cmd</code></pre> <p>One-click enable or disable Windows Defender real-time protection (discontinued, suggest using <a href="https://www.sordum.org/9480/defender-control-v2-1/">sordum.org/defender-control</a>)</p> <pre><code>curl -OfsSL https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/main/d-bat/choice_wdrt.bat&&call choice_wdrt.bat</code></pre> <p>C Drive Cleaner Script: One-click cleanup for local cache files from Foxmail, Windows.old, Windows upgrade logs, and other files.</p> <pre><code>curl -OfsSL https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/refs/heads/main/d-bat/thanos.bat&&call thanos.bat</code></pre> <p>One-click check if a program runs with administrator rights</p> <pre><code>curl -OfsSL https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/refs/heads/main/d-bat/nano_runas.bat&&call nano_runas.bat</code></pre> <p>One-click MD5, SHA1, SHA256 file verification tool</p> <pre><code>curl -OfsSL https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/main/d-bat/md5tools.bat&&call md5tools.bat</code></pre> <p>One-click install Flash and configure supported Chrome version 87</p> <pre><code>curl -OfsSL https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/main/d-bat/87_and_flash.bat&&call 87_and_flash.bat</code></pre> <p>One-click block Chrome browser updates</p> <pre><code>curl -OfsSL https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/main/d-bat/deny_chrome_update.bat&&call deny_chrome_update.bat</code></pre> <p>One-click PDF to PNG</p> <pre><code>python3 -c "$(curl -fsSL https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/main/d-python/PDFtoPNG.py)"</code></pre> <p>One-click fix for shared printer 0x11b error</p> <pre><code>curl -OfsSL https://ghfast.top/https://raw.githubusercontent.com/Excalibra/scripts/main/d-bat/fix_0x11b_share_print.bat&&call fix_0x11b_share_print.bat</code></pre> <p>One-click retrieve job position information and reference material websites</p> <pre><code>python3 -c "$(curl -fsSL #)"</code></pre> <p> Install specified Chrome and block updates: <a href="#"> only_install_chrome65.bat </a></p> </details>

Linux Cloud Server Security Transformation

Cloud servers purchased from cloud service providers generally have no security software protection. Every day, cybercriminals scan public networks, attempting to remotely brute-force and invade servers. Therefore, preventive and defensive measures need to be taken.

<details> <summary><b>Click for details</b></summary> <h3>One-click configuration for SSH login, user password policy, and Ban IP setup <a href="https://dev.to/excalibra/one-click-setup-for-ssh-login-password-policy-ip-ban-configuration-and-custom-admin-user-creation-4bd0">Image & Text Version</a></h3> <ul> <li>SSH Login: Key-based login without password, long heartbeat connection to prevent client disconnection</li> <li>Password Policy: No restrictions on special characters or case, supports minimum length of 4-5 characters</li> <li>Ban IP: Permanently ban IP after three failed login attempts within 30 seconds, except for your own IP.</li> </ul> <pre><code> sudo ba