| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2015-12-16 | Removed all version numbers from scripts | Matt Graeber | 11 | -77/+5 | |
| Scripts in a module should not be individually versioned. Only the module should be versioned. | |||||
| 2015-12-16 | Added volume shadow copy functions to README.md | PowerShellMafia | 1 | -1/+9 | |
| 2015-12-16 | Update README.md | PowerShellMafia | 1 | -4/+11 | |
| 2015-12-16 | Added a slight delay to Invoke-DllInjection validation | Matt Graeber | 1 | -2/+4 | |
| In some cases, the loaded module would show up as loaded after the check occurred. | |||||
| 2015-12-16 | Invoke-DllInjection detects OS arch on all OSes | Matt Graeber | 1 | -6/+4 | |
| This fix addresses issue #99. While I'm not the biggest fan of performing tests based on environment variables, I felt that making additional Win32 API calls would have been overkill. | |||||
| 2015-12-16 | Fixed Add-Persistence. Issue #98 | Matt Graeber | 1 | -1/+2 | |
| 2015-12-16 | Fixed mangled decrypted script output | Matt Graeber | 1 | -2/+3 | |
| Addresses issue #80. This was a tricky fix because the script should ideally handle Unicode and Ascii encoded scripts. I haven't tested scripts with international characters but I would imagine those script would get mangled since the decrypted output is ultimately normalized to ascii. | |||||
| 2015-12-16 | Fixed Invoke-WmiCommand credential popup issue | Matt Graeber | 1 | -1/+1 | |
| Easy fix to issue #97 | |||||
| 2015-12-15 | Merge pull request #91 from FixTheExchange/patch-1 | PowerShellMafia | 1 | -4/+9 | |
| Update Invoke-TokenManipulation.ps1 to address Win 10 incompatibility | |||||
| 2015-12-15 | Invoke-WmiCommand is now PSv2 compatible | Matt Graeber | 1 | -6/+19 | |
| This bug fix addresses issue #96. As much as a hate dropping files to disk, this was the easiest way to preserve objects in PSv2+. If someone want to implement the [de]serialization themselves and keep everything in memory, please submit a PR. | |||||
| 2015-12-15 | Invoke-WmiCommand now obtains full powershell path | Matt Graeber | 1 | -2/+16 | |
| Addresses issue #95. | |||||
| 2015-12-14 | Invoke-DllInjection Pester test improvement | Matt Graeber | 1 | -7/+7 | |
| The test dll I now use is advpack.dll since that is present in all versions of windows. | |||||
| 2015-12-14 | Invoke-Mimkatz: Incorporated latest 2.0 alpha build | Matt Graeber | 1 | -6/+9 | |
| Updated embedded powerkatz.dll to the latest version of mimikatz - [Commit 1b13057](https://github.com/gentilkiwi/mimikatz/commit/1b130574ed78d1d9bf6117b0839056900cb8f816) This update addresses issue #94. | |||||
| 2015-12-14 | Removed commented blocks. | Harmj0y | 1 | -6/+6 | |
| 2015-12-14 | Merge branch 'dev' of https://github.com/PowerShellMafia/PowerSploit into dev | Harmj0y | 3 | -47/+17 | |
| 2015-12-14 | Removed C# enum for Test-ServiceDaclPermission | Harmj0y | 1 | -42/+42 | |
| 2015-12-14 | Bugfix #93 | Matt Graeber | 3 | -39/+3 | |
| Removed the "EndAddress" parameter set since it was never used. This should resolve any parameter set confusion. | |||||
| 2015-12-14 | Bugfix #92: perform OS check when importing NtCreateThreadEx | Matt Graeber | 2 | -8/+14 | |
| 2015-12-14 | Added admin rights check for existing Privesc Pester tests | Harmj0y | 1 | -1/+45 | |
| 2015-12-14 | Get-NetDomain now not called if -ComputerName or -ComputerFile are passed ↵ | Harmj0y | 2 | -228/+173 | |
| for meta functions, in order to prevent failure when running on a non-domain joined machine took out FQDN Pester tests from Recon.tests.ps1 that used $env:userdnsdomain | |||||
| 2015-12-14 | Modified Tests/Privesc.tests.ps1 to ensure file artifacts are not left on disk. | Harmj0y | 1 | -62/+103 | |
| 2015-12-14 | Modified Tests/Recon.tests.ps1 to ensure file artifacts are not left on disk. | Harmj0y | 1 | -54/+68 | |
| 2015-12-14 | Fix Invoke-Shellcode OS architecture detection | Matt Graeber | 1 | -10/+23 | |
| Fixes issue #70 | |||||
| 2015-12-14 | Adding PollingInterval param to Get-Keystrokes | Matt Graeber | 1 | -3/+15 | |
| Incorporates idea from @obscuresec in issue #50. | |||||
| 2015-12-11 | Added Invoke-DowngradeAccount to set an account to use reversible encryption. | Harmj0y | 1 | -1/+117 | |
| 2015-12-11 | Domain local group query fix. | Harmj0y | 1 | -30/+140 | |
| Added ConvertFrom-UACValue to convert binary UAC values to human readable format. Corrected logic in Set-ADObject. | |||||
| 2015-12-03 | Start of Recon/PowerView Pester tests | Harmj0y | 1 | -0/+676 | |
| 2015-12-03 | Privesc/PowerUp Pester tests | Harmj0y | 1 | -0/+485 | |
| 2015-12-03 | Added ./Privesc/ folder that integrates PowerUp.ps1 | Harmj0y | 5 | -0/+2479 | |
| Updated README.md's | |||||
| 2015-12-03 | Integration of PowerView into ./Recon/ | Harmj0y | 4 | -16/+11260 | |
| 2015-11-09 | Removing Invoke-ShellcodeMSIL from psproj file | Matt Graeber | 1 | -1/+0 | |
| 2015-11-09 | Excluding the Tests folder from being loaded as a module | Matt Graeber | 1 | -1/+1 | |
| 2015-11-09 | Adding Pester tests for CodeExecution module | Matt Graeber | 1 | -0/+362 | |
| 2015-11-09 | Revert "Excluding the Tests folder from being loaded as a module" | Matt Graeber | 3 | -363/+2 | |
| This reverts commit a0ab599810f8f05a9bf24850fb9104516b71abb7. | |||||
| 2015-11-09 | Excluding the Tests folder from being loaded as a module | Matt Graeber | 3 | -2/+363 | |
| 2015-11-07 | Adding -DoNotZeroMZ for testing | Matt Graeber | 1 | -5/+14 | |
| 2015-11-07 | Removed extraneous parameters | Matt Graeber | 1 | -58/+13 | |
| Removed extraneous parameters Removed the following extraneous parameters: -PEPath -PEUrl The functionality they provided can be easily replicated in code outside of Invoke-ReflectivePEInjection. i.e. it should be up to the user how they might want to download a PE before loading it. That should not be dictated by Invoke-ReflectivePEInjection. | |||||
| 2015-11-07 | Revert "Removed extraneous parameters" | Matt Graeber | 1 | -18/+89 | |
| This reverts commit 0eb520e31f97bc0ca83bd2c1546a18dd97e09d79. | |||||
| 2015-11-07 | Removed extraneous parameters | Matt Graeber | 1 | -89/+18 | |
| Removed the following extraneous parameters: -PEPath -PEUrl -ComputerName The functionality they provided can be easily replicated in code outside of Invoke-ReflectivePEInjection. i.e. it should be up to the user how they might want to download a PE before loading it. That should not be dictated by Invoke-ReflectivePEInjection. | |||||
| 2015-11-06 | Fixed a casting bug | Matt Graeber | 1 | -2/+2 | |
| 2015-11-05 | Removing Invoke-ShellcodeMSIL | Matt Graeber | 3 | -272/+1 | |
| This was only ever intended to be a PoC. I'll bring this back if requested but it exhibits duplicate functionality. | |||||
| 2015-11-05 | Test: Ensure all scripts are not LE Unicode encoded | Matt Graeber | 1 | -0/+49 | |
| 2015-11-05 | Re-import Invoke-Shellcode.ps1 | Matt Graeber | 1 | -1/+1 | |
| 2015-11-05 | Adding Visual Studio 2015 project file | Matt Graeber | 2 | -0/+225 | |
| Those who wish to load this project into VS 2015 with Adam Driscoll's PowerShell VS extension may now do so. | |||||
| 2015-11-05 | Removing Metasploit integration from Invoke-Shellcode | Matt Graeber | 1 | -267/+4 | |
| This should have only ever been a shellcode runner. Those wishing to integrate this with Metasploit should generate a shellcode payload with msfvenom. | |||||
| 2015-11-04 | Migrating everything back to Invoke-Shellcode.ps1. I'm done making my point ↵ | Matt Graeber | 3 | -773/+719 | |
| now. :P | |||||
| 2015-11-04 | Normalizing all files to ascii encoding | Matt Graeber | 5 | -11/+11 | |
| 2015-11-04 | Revert "Normalizing all files to ascii encoding" | Matt Graeber | 7 | -65/+1726 | |
| This reverts commit 5a812ce82361bf65443fc9c545c091e21e98fe80. | |||||
| 2015-11-04 | Normalizing all files to ascii encoding | Matt Graeber | 7 | -1726/+65 | |
| 2015-10-30 | Update Invoke-TokenManipulation.ps1 | FixTheExchange | 1 | -2/+0 | |
| Removed 2 unnecessary lines. | |||||