└── README.md


/README.md:
--------------------------------------------------------------------------------
 1 | ## Various custom queries/Cypher tricks developed over the years
 2 | 
 3 | All of these queries work great with Max's query module!
 4 | 
 5 | 
 6 | 
 7 | Generic, return the full path returned in text format. Output: `nodename - edge -> nodename - edge -> nodename ...`
 8 | ```
 9 | match p=<INPUT PATH>
10 | WITH [node in nodes(p) | coalesce(node.name, '')] as nodeLabels,
11 |     [rel in relationships(p) | type(rel)] as relationshipLabels,
12 |     length(p) as path_len
13 | WITH reduce(path='', x in range(0,path_len-1) | path + nodeLabels[x] + " - " + relationshipLabels[x] + " -> ") as path,
14 |     nodeLabels[path_len] as final_node
15 | return path + final_node as full_path
16 | ```
17 | 
18 | 
19 | Based off NetSPI's PowerUpSQL Get-SQLInstanceDomain, used to pull SPNs with the MSSQL service
20 | ```
21 | match (n {hasspn:true}) unwind [spn in n.serviceprincipalnames where spn starts with "MSSQLSvc"] as list return n.name, list
22 | ```
23 | 
24 | 
25 | Converting Epoch time into human readable dates
26 | ```
27 | MATCH (u:User) WHERE u.pwdlastset < (datetime().epochseconds - ({days} * 86400)) AND NOT u.pwdlastset IN [-1.0,0.0] RETURN u.name,date(datetime({{epochSeconds:toInteger(u.pwdlastset)}})) AS changedate ORDER BY changedate DESC
28 | ```
29 | 


--------------------------------------------------------------------------------