| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2016-05-09 | Began adding custom PSObject TypeNames to various PowerView output objects. | Harmj0y | 1 | -7/+27 | |
| 2016-05-03 | Added Get-RegistryMountedDrive | Harmj0y | 1 | -6/+120 | |
| 2016-04-27 | Modified Convert-DNSRecord to return the base64 encoded record for record ↵ | Harmj0y | 1 | -52/+26 | |
| types not currently handled. | |||||
| 2016-04-27 | Added Get-DNSZone and Get-DNSRecord to enumerate AD DNS information. | Harmj0y | 1 | -0/+360 | |
| Added Convert-DNSRecord (ported from Michael B. Smith's code at https://raw.githubusercontent.com/mmessano/PowerShell/master/dns-dump.ps1) - needs expansion work on record types | |||||
| 2016-04-25 | Changed some property types in Get-ObjectACL | Harmj0y | 1 | -2/+9 | |
| 2016-04-24 | added Request-SPNTicket to request kerberos tickets for specified SPNs | Harmj0y | 1 | -0/+48 | |
| 2016-04-24 | For PowerView, added $Searcher.CacheResults = $False to Get-DomainSearcher | Harmj0y | 1 | -19/+71 | |
| Added dispose() approach for the following cmdlets: Get-NetUser, Get-ObjectAcl/Add-ObjectAcl, Get-GUIDMap, Get-NetComputer, Get-ADObject, Get-NetOU, Get-NetSite, Get-NetSubnet, Get-NetGroup, Get-NetGroupMember, Get-DFSshare, Get-NetGPO, Get-NetDomainTrust | |||||
| 2016-04-24 | Merge pull request #128 from Meatballs1/fix_groups_xml | HarmJ0y | 1 | -2/+2 | |
| //Group -> //Groups | |||||
| 2016-04-11 | Merge pull request #125 from leechristensen/patch-1 | HarmJ0y | 1 | -1/+1 | |
| Change ComputerName default to the computer's name | |||||
| 2016-04-11 | Change ComputerName default to the computer's name | leechristensen | 1 | -1/+1 | |
| Change ComputerName default so Disabled doesn't report error | |||||
| 2016-04-08 | Merge pull request #122 from joncave/patch-1 | HarmJ0y | 1 | -0/+1 | |
| Find-PathHijack: Expand environment variables in path | |||||
| 2016-04-03 | //Group -> //Groups | Meatballs | 1 | -2/+2 | |
| 2016-03-20 | Find-PathHijack: Expand environment variables in path | Jon Cave | 1 | -0/+1 | |
| Paths containing environment variables can cause false-positives to occur, e.g. `%SystemRoot%\system32\WindowsPowerShell\v1.0\`. `Find-PathHijack` will believe this is a relative path and will report it as hijackable if the current directory is writeable. | |||||
| 2016-03-18 | Bug fix in Find-GPOLocation | Harmj0y | 1 | -5/+9 | |
| 2016-03-15 | Added Get-SiteName to find the site a computer is a part of | Harmj0y | 1 | -101/+288 | |
| Added -ComputerName parameter to Get-NetGPO to enumerate all GPOs a given computer has applied Fixed bug in Find-GPOComputerAdmin and added site enumeration for GPO links | |||||
| 2016-03-15 | Moved admin check for Get-System to allow for RevToSelf | Harmj0y | 1 | -4/+4 | |
| 2016-03-11 | Added Get-System to Privesc/ | Harmj0y | 3 | -3/+636 | |
| Added Pester tests for Get-System | |||||
| 2016-03-11 | Additional error checking in Get-DFSshare | Harmj0y | 1 | -9/+10 | |
| 2016-03-11 | Merge pull request #118 from Meatballs1/dfs_v1_pkt | HarmJ0y | 1 | -6/+198 | |
| Parse DFSv1 PKT | |||||
| 2016-03-10 | Get-TimedScreenshot enhancement. Issue #114 | Matt Graeber | 1 | -2/+18 | |
| Get-TimedScreenshot now captures the entire screen. The screen resolution is obtained via WMI. If for some reason that fails, it will fall back to the old, less ideal method. | |||||
| 2016-03-10 | Bugfix: Invoke-TokenManipulation. Issue #112 | Matt Graeber | 1 | -6/+19 | |
| Fixed the PSv4 dependency for obtaining process ownership information. Thanks to @mmashwani for suggesting the WMI solution. | |||||
| 2016-03-09 | Fixed bug with Get-NetGroupMember and computer accounts. | Harmj0y | 1 | -33/+15 | |
| samaccounttype enumeration now more accurate. | |||||
| 2016-03-09 | fix for Find-GPOComputerAdmin | Harmj0y | 1 | -3/+15 | |
| 2016-03-09 | Bug fix for Invoke-EnumerateLocalAdmin | Harmj0y | 1 | -5/+4 | |
| 2016-03-09 | Removed Set-MacAttribute and Copy-ClonedFile | Harmj0y | 2 | -234/+117 | |
| Combined Convert-NT4toCanonical and Convert-DomainSimpletoNT4 into Convert-ADName | |||||
| 2016-03-07 | Added New-GPOImmediateTask | Harmj0y | 1 | -12/+220 | |
| 2016-03-07 | DomainOnly tweak | Harmj0y | 1 | -5/+4 | |
| 2016-03-07 | Added -DomainOnly flag to Invoke-EnumerateLocalAdmin | Harmj0y | 1 | -9/+23 | |
| 2016-03-07 | renamed output field for Get-NetLocalGroup API | Harmj0y | 1 | -1/+1 | |
| 2016-03-07 | Added NetLocalGroupGetMembers enumeration method for Get-NetLocalGroup with ↵ | Harmj0y | 1 | -151/+302 | |
| the -API flag Fixed threading specification in most threaded functions. | |||||
| 2016-03-07 | Parse DFSv1 PKT | Meatballs | 1 | -6/+198 | |
| 2016-03-06 | Added additional fields to Get-NetLocalGroup results. | Harmj0y | 1 | -22/+63 | |
| 2016-02-28 | Modified output of Find-GPOLocation to return more object information. | Harmj0y | 1 | -26/+48 | |
| 2016-02-28 | -fixed several bugs in Find-GPOLocation (-GroupName now works properly and ↵ | Harmj0y | 1 | -132/+147 | |
| Sites returned) -Find-GPOLocation with no arguments now returns all mappings -fixed parsing issue in Get-NetGPOGroup- names now properly extracted from restricted group templates | |||||
| 2016-02-12 | Added Pester tests for Get-SiteListPassword | Harmj0y | 2 | -2/+95 | |
| Encrypted password check for Get-SiteListPassword fields | |||||
| 2016-02-12 | Added additional search paths, code cleanup. | Harmj0y | 1 | -42/+14 | |
| 2016-02-11 | Added Get-SiteListPassword to decrypt McAfee SiteList.xml file passwords. | Harmj0y | 2 | -1/+203 | |
| 2016-02-11 | Most ldap-based search functions now accept a -Credential argument for ↵ | Harmj0y | 1 | -1084/+1427 | |
| querying from non-domain joined machines without a runas Changed several functions to filters, where appropriate. Get-NetShare, Get-NetSession, Get-NetLoggedOn, Get-NetRDPSession, Invoke-CheckLocalAdminAccess, Get-LastLoggedOn, Get-CachedRDPConnection, Get-NetProcess are now filters, better handle pipeline input, and now return an augmented result object with the queried ComputerName as a field Replaced RemoteUserName/RemotePassword with -Credential parameter in Get-CachedRDPConnection and Get-NetProcess modified output object for Get-NetShare to be a proper object Various bug fixes and better parameter validation | |||||
| 2016-01-25 | Merge pull request #111 from sagishahar/dev | HarmJ0y | 1 | -3/+3 | |
| Fix 'Install-ServiceBinary' for non-'Modifiable' files | |||||
| 2016-01-25 | Merge pull request #108 from sagishahar/master | HarmJ0y | 2 | -55/+195 | |
| Add 'CanRestart' to output and Pester tests | |||||
| 2016-01-17 | Fix 'Install-ServiceBinary' for non-'Modifiable' files | sagishahar | 1 | -3/+3 | |
| The 'Install-ServiceBinary' function fails on an edge case where the service's file permission does not include the 'Modify' permission but does include the 'Write' permission (https://technet.microsoft.com/en-au/library/dd349321(v=ws.10).aspx). In this scenario, renaming the original service file for backup purposes will result in 'Access Denied' message. Fixing this requires that the file be copied to service.exe.bak instead of renamed to service.exe.bak. | |||||
| 2016-01-14 | Merge pull request #107 from secabstraction/dev | Matt Graeber | 2 | -206/+376 | |
| new Get-Keystrokes | |||||
| 2016-01-13 | Fixed Pester/PassThru | Jesse Davis | 1 | -0/+2 | |
| 2016-01-13 | Fixed Pester/PassThru | Jesse Davis | 1 | -2/+0 | |
| 2016-01-13 | Fixed Pester/PassThru | Jesse Davis | 1 | -1/+1 | |
| 2016-01-13 | Fixed Pester/PassThru | Jesse Davis | 2 | -12/+12 | |
| 2016-01-13 | Fixed Pester/PassThru | Jesse Davis | 2 | -7/+11 | |
| 2016-01-13 | Merge pull request #110 from PowerShellMafia/master | Matt Graeber | 1 | -1/+2 | |
| Merging Invoke-TokenManipulation fix into dev | |||||
| 2016-01-13 | Merge pull request #109 from mmashwani/master | Matt Graeber | 1 | -1/+2 | |
| Don't search for SYSTEM token by using hard coded English name | |||||
| 2016-01-13 | Don't search for SYSTEM token by using hard coded English name for SYSTEM ↵ | mmashwani | 1 | -1/+2 | |
| account. Translate SYSTEM SID to NTAccount to maintain compatibility across languages. | |||||