diff options
Diffstat (limited to 'PowerSploit.psd1')
| -rw-r--r-- | PowerSploit.psd1 | 159 |
1 files changed, 140 insertions, 19 deletions
diff --git a/PowerSploit.psd1 b/PowerSploit.psd1 index 678294b..bc482e1 100644 --- a/PowerSploit.psd1 +++ b/PowerSploit.psd1 @@ -3,7 +3,7 @@ ModuleToProcess = 'PowerSploit.psm1' # Version number of this module. -ModuleVersion = '1.0.0.0' +ModuleVersion = '3.0.0.0' # ID used to uniquely identify this module GUID = '6753b496-d842-40a3-924a-0f09e248640c' @@ -11,35 +11,156 @@ GUID = '6753b496-d842-40a3-924a-0f09e248640c' # Author of this module Author = 'Matthew Graeber' -# Company or vendor of this module -CompanyName = '' - # Copyright statement for this module Copyright = 'BSD 3-Clause' # Description of the functionality provided by this module -Description = 'PowerSploit Root Module' +Description = 'PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers and red team operator during all phases of an engagement.' # Minimum version of the Windows PowerShell engine required by this module PowerShellVersion = '2.0' # Functions to export from this module -FunctionsToExport = '*' +FunctionsToExport = @( + 'Add-NetUser', + 'Add-ObjectAcl', + 'Add-Persistence', + 'Convert-NameToSid', + 'Convert-NT4toCanonical', + 'Convert-SidToName', + 'Copy-ClonedFile', + 'Find-AVSignature', + 'Find-ComputerField', + 'Find-DLLHijack', + 'Find-ForeignGroup', + 'Find-ForeignUser', + 'Find-GPOComputerAdmin', + 'Find-GPOLocation', + 'Find-InterestingFile', + 'Find-LocalAdminAccess', + 'Find-PathHijack', + 'Find-UserField', + 'Get-ADObject', + 'Get-ApplicationHost', + 'Get-CachedRDPConnection', + 'Get-ComputerDetails', + 'Get-ComputerProperty', + 'Get-DFSshare', + 'Get-DomainPolicy', + 'Get-ExploitableSystem', + 'Get-GPPPassword', + 'Get-HttpStatus', + 'Get-Keystrokes', + 'Get-LastLoggedOn', + 'Get-NetComputer', + 'Get-NetDomain', + 'Get-NetDomainController', + 'Get-NetDomainTrust', + 'Get-NetFileServer', + 'Get-NetForest', + 'Get-NetForestCatalog', + 'Get-NetForestDomain', + 'Get-NetForestTrust', + 'Get-NetGPO', + 'Get-NetGPOGroup', + 'Get-NetGroup', + 'Get-NetGroupMember', + 'Get-NetLocalGroup', + 'Get-NetLoggedon', + 'Get-NetOU', + 'Get-NetProcess', + 'Get-NetRDPSession', + 'Get-NetSession', + 'Get-NetShare', + 'Get-NetSite', + 'Get-NetSubnet', + 'Get-NetUser', + 'Get-ObjectAcl', + 'Get-PathAcl', + 'Get-Proxy', + 'Get-RegAlwaysInstallElevated', + 'Get-RegAutoLogon', + 'Get-SecurityPackages', + 'Get-ServiceDetail', + 'Get-ServiceFilePermission', + 'Get-ServicePermission', + 'Get-ServiceUnquoted', + 'Get-TimedScreenshot', + 'Get-UnattendedInstallFile', + 'Get-UserEvent', + 'Get-UserProperty', + 'Get-VaultCredential', + 'Get-VolumeShadowCopy', + 'Get-VulnAutoRun', + 'Get-VulnSchTask', + 'Get-Webconfig', + 'Install-ServiceBinary', + 'Install-SSP', + 'Invoke-ACLScanner', + 'Invoke-AllChecks', + 'Invoke-CheckLocalAdminAccess', + 'Invoke-CredentialInjection', + 'Invoke-DllInjection', + 'Invoke-EnumerateLocalAdmin', + 'Invoke-EventHunter', + 'Invoke-FileFinder', + 'Invoke-MapDomainTrust', + 'Invoke-Mimikatz', + 'Invoke-NinjaCopy', + 'Invoke-Portscan', + 'Invoke-ProcessHunter', + 'Invoke-ReflectivePEInjection', + 'Invoke-ReverseDnsLookup', + 'Invoke-ServiceAbuse', + 'Invoke-ShareFinder', + 'Invoke-Shellcode', + 'Invoke-TokenManipulation', + 'Invoke-UserHunter', + 'Invoke-WmiCommand', + 'Mount-VolumeShadowCopy', + 'New-ElevatedPersistenceOption', + 'New-UserPersistenceOption', + 'New-VolumeShadowCopy', + 'Out-CompressedDll', + 'Out-EncodedCommand', + 'Out-EncryptedScript', + 'Out-Minidump', + 'Remove-Comments', + 'Remove-VolumeShadowCopy', + 'Restore-ServiceBinary', + 'Set-ADObject', + 'Set-CriticalProcess', + 'Set-MacAttribute', + 'Set-MasterBootRecord', + 'Write-HijackDll', + 'Write-ServiceBinary', + 'Write-UserAddMSI' +) -# Cmdlets to export from this module -CmdletsToExport = '*' +# List of all modules packaged with this module. +ModuleList = @( @{ModuleName = 'AntivirusBypass'; ModuleVersion = '3.0.0.0'; GUID = '7cf9de61-2bfc-41b4-a397-9d7cf3a8e66b'}, + @{ModuleName = 'CodeExecution'; ModuleVersion = '3.0.0.0'; GUID = 'a8a6780b-e694-4aa4-b28d-646afa66733c'}, + @{ModuleName = 'Exfiltration'; ModuleVersion = '3.0.0.0'; GUID = '75dafa99-1402-4e29-b5d4-6c87da2b323a'}, + @{ModuleName = 'Recon'; ModuleVersion = '3.0.0.0'; GUID = '7e775ad6-cd3d-4a93-b788-da067274c877'}, + @{ModuleName = 'ScriptModification'; ModuleVersion = '3.0.0.0'; GUID = 'a4d86266-b39b-437a-b5bb-d6f99aa6e610'}, + @{ModuleName = 'Persistence'; ModuleVersion = '3.0.0.0'; GUID = '633d0f10-a056-41da-869d-6d2f75430195'}, + @{ModuleName = 'PrivEsc'; ModuleVersion = '3.0.0.0'; GUID = 'efb2a78f-a069-4bfd-91c2-7c7c0c225f56'} ) -# Variables to export from this module -VariablesToExport = '' +PrivateData = @{ -# Aliases to export from this module -AliasesToExport = '' + PSData = @{ + + # Tags applied to this module. These help with module discovery in online galleries. + Tags = @('security','pentesting','red team','offense') + + # A URL to the license for this module. + LicenseUri = 'http://www.apache.org/licenses/LICENSE-2.0.html' + + # A URL to the main website for this project. + ProjectUri = 'https://github.com/PowerShellMafia/PowerSploit' + + } + +} -# List of all modules packaged with this module. -ModuleList = @( @{ModuleName = 'AntivirusBypass'; ModuleVersion = '1.0.0.0'; GUID = '7cf9de61-2bfc-41b4-a397-9d7cf3a8e66b'}, - @{ModuleName = 'CodeExecution'; ModuleVersion = '1.0.0.0'; GUID = 'a8a6780b-e694-4aa4-b28d-646afa66733c'}, - @{ModuleName = 'Exfiltration'; ModuleVersion = '1.0.0.0'; GUID = '75dafa99-1402-4e29-b5d4-6c87da2b323a'}, - @{ModuleName = 'Recon'; ModuleVersion = '1.0.0.0'; GUID = '7e775ad6-cd3d-4a93-b788-da067274c877'}, - @{ModuleName = 'ScriptModification'; ModuleVersion = '1.0.0.0'; GUID = 'a4d86266-b39b-437a-b5bb-d6f99aa6e610'}, - @{ModuleName = 'Persistence'; ModuleVersion = '1.0.0.0'; GUID = '633d0f10-a056-41da-869d-6d2f75430195'} ) } |