aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-08-17Explicitly casting types as [Type]v2.2Matt Graeber2-6/+6
The latest version of .NET added generics to many of the InteropService methods. Therefore, all of my uses of types need to be explicitly cast with [Type].
2013-08-17Added ps1xml file for Get-ILDisassemblyMatt Graeber3-3/+46
Output from Get-ILDisassembly is slightly cleaner.
2013-08-17Removing Get-PEArchitectureMatt Graeber3-100/+1
This functionality is present and maintained in Get-PEHeader.
2013-08-17Get-Keystrokes now accepts relative pathsMatt Graeber1-1/+3
2013-08-17Out-Minidump now provides descriptive outputMatt Graeber1-2/+2
Out-Minidump now outputs a FileInfo object (i.e. the same output as Get-ChildItem) upon successfully creating a dump file.
2013-08-17Added additional error handling to Get-GPPPasswordMatt Graeber1-3/+10
2013-08-17Merge pull request #11 from hajdbo/patch-1Matt Graeber1-2/+2
added ErrorAction SilentlyContinue to Get-ChildItem
2013-08-16Compiler parameters were not applied to Add-TypeMatt Graeber1-4/+2
The compiler parameters were not being applied to Add-Type in Get-PEHeader. Derp. This led to unexpected errors when Visual Studio environment variables were defined.
2013-08-12added ErrorAction SilentlyContinue to Get-ChildItemhajdbo1-2/+2
Sometimes you will have a denied access to a directory. "ErrorAction SilentlyContinue" will continue searching recursively in \SYSVOL even when it encounters a directory where access is denied.
2013-07-28Get-PEHeader can now return raw section dataMatt Graeber1-7/+45
2013-07-28Latest version of .NET Framework broke Get-PEHeaderMatt Graeber1-15/+15
To fix this, I needed to explicitly cast types in the SizeOf and PtrToStructure methods.
2013-07-11Latest version of .NET Framework broke Get-PEBMatt Graeber1-12/+12
To fix this, I needed to explicitly cast types in the SizeOf and PtrToStructure methods.
2013-07-09Added Get-ObjDumpMatt Graeber4-2/+1007
Get-ObjDump parses and return information about one or more Windows object files. It is similar to dumpbin but it returns objects!
2013-07-06Merge pull request #10 from mattifestation/webstersprodigy-PortscanMatt Graeber3-2/+1094
Webstersprodigy portscan
2013-07-06Added Invoke-Portscan to READMEMatt Graeber1-0/+4
2013-07-06Merge branch 'Portscan' of https://github.com/webstersprodigy/PowerSploit ↵Matt Graeber2-2/+1090
into webstersprodigy-Portscan Conflicts: Recon/Recon.psd1
2013-07-04Forgot to add CodeIntegrityInformation to helpMatt Graeber1-0/+4
2013-07-04Get-NtSystemInformation can now query UMCI infoMatt Graeber2-0/+55
Get-NtSystemInformation now returns SystemCodeIntegrityInformation - i.e. user-mode code integrity settings. This required reverse engineering a dll that is only present on Windows 8 ARM devices.
2013-07-04Merge pull request #9 from obscuresec/masterMatt Graeber2-6/+6
Bug fix for error handling
2013-07-03Update Get-TimedScreenshot.ps1Chris Campbell1-5/+5
Fix error handling and various style problems
2013-07-03Fix improper use of $Error[0]Chris Campbell1-1/+1
2013-07-03Merge pull request #8 from obscuresec/masterMatt Graeber1-1/+5
Add checks to terminate script if not running in proper environment.
2013-07-03Terminating Errors AddedChris Campbell1-1/+5
Added checks to ensure that the script is being ran on a domain-joined machine and with a domain account.
2013-07-03Updated Get-GPPPasswordMatt Graeber5-113/+133
2013-06-30Added Get-KeystrokesMatt Graeber3-1/+252
Get-Keystrokes is a PowerShell keylogger
2013-06-25IPv6 support in hosts paramRich Lundeen1-11/+14
2013-06-18fixing EOL spaces (again, sorry)Rich Lundeen1-3/+0
2013-06-18fixing EOL spacesRich Lundeen1-24/+13
2013-06-18Addressed mattifestation feedbackRich Lundeen1-235/+275
See https://github.com/mattifestation/PowerSploit/pull/6#issuecomment-19289063 1) I like this feedback a lot and took it. 2) I tried going thread only but it got messed up with very large scans. Eventually, I didn't think it was worth the amount of effort to make it reliable with only threads 3) Tried to do this 4) Did this 5) I like the idea in general and I took this one place (top-ports), but not for the two examples you gave. The reasoning is, I want people to be able to specify various options and arrays aren't that flexible. For example, I want people to specify a port list like "80,90,8080-8090". Similar with CIDR, since that's one option, but they could also be specifying hostnames e.g. "google.com,192.168.1.1/24,10.0.0.1"
2013-06-11small style updateRich Lundeen1-3/+3
2013-06-11Powershell 2.0 fixes - should work nowRich Lundeen1-124/+165
2013-06-10fixing powershell 2.0 compatRich Lundeen1-6/+18
2013-06-09removed a few commentsRich Lundeen1-6/+0
2013-06-09added invoke-portscan moduleRich Lundeen2-1/+1013
2013-06-08New-Object proxy function compatibility fixMatt Graeber1-0/+0
I was calling the [Guid]::TryParse method that was only present in .NET 4 so this wasn't working in PowerShell v2.
2013-06-05Forgot to add -Property param to CLSID optionMatt Graeber1-0/+0
2013-06-05Added New-Object proxy functionMatt Graeber3-1/+5
You can provide a CLSID (i.e. a Guid) to New-Object via the -ComObject parameter in addition to a ProgId.
2013-06-01Type names added to Get-NtSystemInformationMatt Graeber2-4/+227
When displaying handle information, you can now filter by and display object type names: Get-NtSystemInformation
2013-05-31Added Invoke-ReflectivePEInjectionMatt Graeber56-1551/+4246
Another awesome addition from Joe Bialek. Invoke-ReflectivePEInjection is a vast improvement over Invoke-ReflectiveDllInjection. It adds the following features: * Now supports loading exe files in memory * Supports reflective dll injection into a remote process * Additional sample Visual Studio solutions
2013-05-31Fixed architecture detection bug in Get-PEBMatt Graeber1-1/+1
I was checking processor architecture when I should have been checking OS architecture.
2013-05-29Silly me. Just discovered the SetOffset method.Matt Graeber1-77/+75
Thanks @JosephBialek!
2013-05-25ProcessParameters now displays properlyMatt Graeber1-6/+3
2013-05-24Get-PEB now parses _RTL_USER_PROCESS_PARAMETERSMatt Graeber2-1/+201
2013-05-18"Best practice" improvements to Out-MinidumpMatt Graeber1-42/+39
2013-05-16_SYSTEM_HANDLE_INFORMATION prints as a table nowMatt Graeber1-34/+56
2013-05-16Added _SYSTEM_LOCK_INFORMATION structMatt Graeber2-1/+119
Yet another method of leaking kernel pointers.
2013-05-15Added Out-MinidumpMatt Graeber3-1/+139
Out-Minidump writes a process dump file with all process memory to disk. This is similar to running procdump.exe with the '-ma' switch.
2013-05-13Cleaned up Get-NtSystemInformationMatt Graeber1-2385/+81
* Removed the unnecessary NTSTATUS entries * Used splatting instead of backticks * Fixed a n00b memory management error as well.
2013-05-13Added an idiot filter to Watch-BlueScreenMatt Graeber1-3/+7
2013-05-13Added Watch-BlueScreenMatt Graeber3-1/+79
Causes a blue-screen (bugcheck) to occur.
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-25 22:06:37 +0000