Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 35 |
1 files changed, 26 insertions, 9 deletions
@@ -20,10 +20,6 @@ Injects shellcode into the process ID of your choosing or within PowerShell loca Execute shellcode within the context of the running PowerShell process without making any Win32 function calls. -#### `Watch-BlueScreen` - -Cause a blue screen to occur (Windows 7 and below). - ## ScriptModification **Modify and/or prepare scripts for execution on a compromised machine.** @@ -60,6 +56,14 @@ Configure elevated persistence options for the Add-Persistence function. Add persistence capabilities to a script. +#### `Install-SSP` + +Installs a security support provider (SSP) dll. + +#### `Get-SecurityPackages` + +Enumerates all loaded security packages (SSPs). + ## PETools **Parse/manipulate Windows portable executables.** @@ -112,10 +116,6 @@ Marshals data from an unmanaged block of memory in an arbitrary process to a new A proxy function used to extend the built-in Get-Member cmdlet. It adds the '-Private' parameter allowing you to display non-public .NET members -#### `New-Object` - -A proxy function for New-Object that accepts a CLSID with the -ComObject parameter. - #### `Get-Strings` Dumps strings from files in both Unicode and Ascii. This cmdlet replicates the functionality of strings.exe from Sysinternals. @@ -192,10 +192,27 @@ Lists the device paths of all local volume shadow copies. Mounts a volume shadow copy. +#### `Get-VaultCredential` + +Displays Windows vault credential objects including cleartext web credentials. + #### `Out-Minidump` Generates a full-memory minidump of a process. +## Mayhem + +**Cause general mayhem with PowerShell.** + +#### `Set-MasterBootRecord` + +Proof of concept code that overwrites the master boot record with the + message of your choice. + +#### `Set-CriticalProcess` + +Causes your machine to blue screen upon exiting PowerShell. + ## Recon **Tools to aid in the reconnaissance phase of a penetration test.** 
@@ -250,7 +267,7 @@ Note: The tools contained within this module were all designed such that they ca **For all contributors and future contributors to PowerSploit, I ask that you follow this style guide when writing your scripts/modules.** -* Avoid Write-Host **at all costs**. You should output custom objects instead. For more information on creating custom objects, read these articles: +* Avoid Write-Host **at all costs**. PowerShell functions/cmdlets are not command-line utilities! Pull requests containing code that uses Write-Host will not be considered. You should output custom objects instead. For more information on creating custom objects, read these articles: * <http://blogs.technet.com/b/heyscriptingguy/archive/2011/05/19/create-custom-objects-in-your-powershell-script.aspx> * <http://technet.microsoft.com/en-us/library/ff730946.aspx> |
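Review bot: In the hunk at -60,6 +56,14, `Get-SecurityPackages` is described as pure enumeration but is listed directly after the Add-Persistence entry, so it reads as a persistence function. Add a clause saying why it sits here (for example, to check the result of `Install-SSP`). Also write "dll" as "DLL", and state whether `Install-SSP` requires elevation, since the neighbouring entry explicitly speaks of "elevated persistence options".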
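Review bot: In the hunk at -192,10 +192,27, the new Mayhem entries drop the scoping that the removed `Watch-BlueScreen` entry carried ("Windows 7 and below"). `Set-CriticalProcess` names no supported Windows versions, and `Set-MasterBootRecord` does not say that the overwrite destroys the existing boot record. Add both facts to the descriptions so a reader knows the effect before running them. The `Set-MasterBootRecord` description is also wrapped mid-sentence, with a leading space before "message of your choice."; join it onto one line like the other entries.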
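Review bot: In the hunk at -250,7 +267,7, the bullet now rejects any pull request that uses Write-Host but still offers only custom objects as the alternative, which leaves contributors with no stated option for progress or diagnostic text. Name the accepted replacement next to the rule (for example Write-Verbose). Consider moving "Pull requests containing code that uses Write-Host will not be considered." to the end of the bullet so the rule, the guidance and the enforcement read in that order.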