| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2014-02-21 | Update Get-GPPPassword.ps1 | Chris Campbell | 1 | -12/+12 | |
| Bug fix of variables. | |||||
| 2014-02-21 | Major Revision of Get-GPPPasswords | mattifestation | 1 | -59/+141 | |
| Thanks @obscuresec! | |||||
| 2014-02-12 | Changed Inject-LogonCredentials name to Invoke-CredentialInjection | mattifestation | 1 | -1/+1 | |
| 2014-02-12 | Merge pull request #28 from clymb3r/master | Matt Graeber | 5 | -3423/+3432 | |
| Inject-LogonCredentials has been renamed to Invoke-CredentialInjection. | |||||
| 2014-02-12 | Inject-LogonCredentials has been renamed to Invoke-CredentialInjection. | clymb3r | 5 | -3423/+3432 | |
| Added a check to ensure the script isn't being run from Session0 with the "NewWinLogon" flag. This flag does not work in Session0 because winlogon.exe tries to load stuff from user32.dll which requires a desktop is present. This is not possible in Session0 because there is no desktop/GUI, so it causes winlogon to load and then immediately close with error code c0000142 indicating a DLL failed to initialize. There is no way to fix this that I know of, if you need to run the script from Session0 use the "ExistingWinLogon" flag. | |||||
| 2014-02-03 | Add Get-Entropy | mattifestation | 3 | -1/+111 | |
| 2014-02-03 | Removed mimikatz. | mattifestation | 289 | -16310/+0 | |
| This doesn't need to reside in PowerSploit. Those that are truly paranoid should validate that the embedded executable in Invoke-Mimikatz.ps1 is indeed mimikatz. This was causing AV to flag upon downloading PowerSploit. | |||||
| 2014-01-30 | Merge pull request #26 from obscuresec/master | Matt Graeber | 1 | -105/+130 | |
| Update Invoke-ReverseDnsLookup.ps1 | |||||
| 2014-01-30 | Update Invoke-ReverseDnsLookup.ps1 | Chris Campbell | 1 | -105/+130 | |
| Added pipeline support and verbose statement. | |||||
| 2014-01-25 | Generate a non-terminating error if there's a binding/framework version mismatch | mattifestation | 2 | -0/+5 | |
| The user should at least be made aware if they're using an unsupported framework library version. | |||||
| 2014-01-25 | Upgraded Capstone framework libs to 2.0 | mattifestation | 2 | -0/+0 | |
| These are the compiled libs straight from http://www.capstone-engine.org/download.html | |||||
| 2014-01-25 | Disable non-standard cmdlet verb checking | mattifestation | 1 | -1/+1 | |
| 2014-01-19 | Capstone.dll returns the correct number of operands now. | mattifestation | 1 | -0/+0 | |
| 2014-01-19 | Capstone module now incorporates framework 2.0RC1 | mattifestation | 10 | -127/+176 | |
| * I also moved the contents of Get-CSDisassembly.ps1 into Capstone.psm1 | |||||
| 2014-01-11 | Merge pull request #25 from clymb3r/master | Matt Graeber | 1 | -32/+142 | |
| Bug fixes for Invoke-TokenManipulation | |||||
| 2014-01-10 | Bug fixes for Invoke-TokenManipulation | clymb3r | 1 | -32/+142 | |
| Processes could not be started when the script was being run from Session 0. The fix is to use the CreateProcessAsUserW function when running in Session 0. This API requires SeAssignPrimaryTokenPrivilege priviege, so for non-session0 calls I still use CreateProcessWithTokenW which does not require special privileges. | |||||
| 2014-01-04 | Updated usage documentation | mattifestation | 1 | -2/+3 | |
| 2014-01-04 | Updated C# Capstone binding to latest version | mattifestation | 1 | -0/+0 | |
| 2014-01-01 | Fixes #23 - $Password was not being cleared | mattifestation | 1 | -0/+1 | |
| 2013-12-26 | Adding 64-bit lib file | mattifestation | 2 | -1/+0 | |
| 2013-12-26 | Major update to Capstone disassembly module | mattifestation | 4 | -16/+13 | |
| * Refactor of C# capstone binding * Now compatible in 32 and 64-bit PowerShell | |||||
| 2013-12-22 | Added Capstone Engine PowerShell binding | mattifestation | 10 | -0/+266 | |
| Consider this to be an alpha release until the C# binding is published. | |||||
| 2013-11-18 | Added Inject-LogonCredentials to README | mattifestation | 1 | -0/+4 | |
| 2013-11-18 | Merge pull request #21 from clymb3r/master | Matt Graeber | 18 | -1/+4428 | |
| Adding Inject-LogonCredentials | |||||
| 2013-11-17 | Adding Inject-LogonCredentials | clymb3r | 18 | -1/+4428 | |
| 2013-11-13 | Normalized all scripts to ASCII encoding | mattifestation | 58 | -91/+91 | |
| 2013-11-07 | Get-ILDisassembly now accepts ConstructorInfo objects | mattifestation | 1 | -3/+4 | |
| 2013-11-07 | Get-ILDisassembly now displays metadata tokens. | mattifestation | 2 | -1/+9 | |
| * Having metadata tokens displayed in output helps with reverse engineering because you can pass metadata tokens to System.Reflection.Module.ResolveMember and then easily interact with the member in question. * I also fixed a bug when displaying integer constants. I wasn't doing an endian swap. | |||||
| 2013-11-04 | Merge pull request #19 from clymb3r/master | Matt Graeber | 1 | -2/+2 | |
| Updated Invoke-TokenManipulation help | |||||
| 2013-11-04 | Updated Invoke-TokenManipulation help | clymb3r | 1 | -2/+2 | |
| 2013-11-04 | Added Invoke-TokenManipulation to README.md | mattifestation | 1 | -0/+4 | |
| 2013-11-04 | Merge pull request #18 from clymb3r/master | Matt Graeber | 2 | -1/+1774 | |
| Adding Invoke-TokenManipulation | |||||
| 2013-11-03 | Adding Invoke-TokenManipulation | clymb3r | 2 | -1/+1774 | |
| 2013-11-03 | Fix for hostfiles option in powershell 2 | webstersprodigy | 1 | -2/+2 | |
| 2013-11-03 | Updated usage tip | mattifestation | 1 | -1/+4 | |
| 2013-11-03 | Added a usage tip | mattifestation | 1 | -0/+2 | |
| Added a one-liner for PSv3 that will remove the annoying warnings that are displayed when importing scripts downloaded from the Internet. | |||||
| 2013-11-03 | Slight clarification to license statement | mattifestation | 1 | -1/+1 | |
| 2013-11-03 | Modified license verbiage | mattifestation | 1 | -1/+1 | |
| 2013-11-03 | Added exfil script synopses to README.md | mattifestation | 1 | -0/+8 | |
| Descriptions for Invoke-NinjaCopy and Invoke-Mimikatz were added to the readme. | |||||
| 2013-11-03 | Fixed minor logic bug in C type undecorated symbols | mattifestation | 1 | -1/+8 | |
| 2013-11-03 | Added Get-LibSymbols | mattifestation | 4 | -2/+313 | |
| Get-LibSymbols parses Microsoft .lib files and displays decorated and undecorated symbols. | |||||
| 2013-10-23 | Merge pull request #17 from webstersprodigy/portscan-hostlist-fix | Matt Graeber | 1 | -2/+2 | |
| Fix for hostfiles option in powershell 2 | |||||
| 2013-10-22 | Fix for hostfiles option in powershell 2 | webstersprodigy | 1 | -2/+2 | |
| 2013-10-05 | Updated usage tip | mattifestation | 1 | -1/+4 | |
| 2013-10-05 | Added a usage tip | mattifestation | 1 | -0/+2 | |
| Added a one-liner for PSv3 that will remove the annoying warnings that are displayed when importing scripts downloaded from the Internet. | |||||
| 2013-10-05 | Slight clarification to license statement | mattifestation | 1 | -1/+1 | |
| 2013-10-05 | Merge pull request #16 from clymb3r/master | Matt Graeber | 3 | -8/+8 | |
| Switching to ANSI from UTF8 encoding | |||||
| 2013-10-01 | Switching to ANSI from UTF8 encoding | clymb3r | 3 | -8/+8 | |
| Scripts now work in 2008r2. I thought I tested before uploading but something broke somehow... Now the scripts work in 2008r2 and win8+ | |||||
| 2013-10-01 | Modified license verbiage | mattifestation | 1 | -1/+1 | |
| 2013-10-01 | Added exfil script synopses to README.md | mattifestation | 1 | -0/+8 | |
| Descriptions for Invoke-NinjaCopy and Invoke-Mimikatz were added to the readme. | |||||