| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2014-02-03 | Removed mimikatz. | mattifestation | 289 | -16310/+0 | |
| This doesn't need to reside in PowerSploit. Those that are truly paranoid should validate that the embedded executable in Invoke-Mimikatz.ps1 is indeed mimikatz. This was causing AV to flag upon downloading PowerSploit. | |||||
| 2014-01-11 | Merge pull request #25 from clymb3r/master | Matt Graeber | 1 | -32/+142 | |
| Bug fixes for Invoke-TokenManipulation | |||||
| 2014-01-10 | Bug fixes for Invoke-TokenManipulation | clymb3r | 1 | -32/+142 | |
| Processes could not be started when the script was being run from Session 0. The fix is to use the CreateProcessAsUserW function when running in Session 0. This API requires SeAssignPrimaryTokenPrivilege priviege, so for non-session0 calls I still use CreateProcessWithTokenW which does not require special privileges. | |||||
| 2014-01-01 | Fixes #23 - $Password was not being cleared | mattifestation | 1 | -0/+1 | |
| 2013-11-18 | Merge pull request #21 from clymb3r/master | Matt Graeber | 18 | -1/+4428 | |
| Adding Inject-LogonCredentials | |||||
| 2013-11-17 | Adding Inject-LogonCredentials | clymb3r | 18 | -1/+4428 | |
| 2013-11-13 | Normalized all scripts to ASCII encoding | mattifestation | 9 | -12/+12 | |
| 2013-11-04 | Updated Invoke-TokenManipulation help | clymb3r | 1 | -2/+2 | |
| 2013-11-03 | Adding Invoke-TokenManipulation | clymb3r | 2 | -1/+1774 | |
| 2013-10-01 | Switching to ANSI from UTF8 encoding | clymb3r | 2 | -6/+6 | |
| Scripts now work in 2008r2. I thought I tested before uploading but something broke somehow... Now the scripts work in 2008r2 and win8+ | |||||
| 2013-10-01 | Adding Invoke-Mimikatz and Invoke-Ninjacopy | clymb3r | 318 | -1/+29481 | |
| 2013-08-17 | Get-Keystrokes now accepts relative paths | Matt Graeber | 1 | -1/+3 | |
| 2013-08-17 | Out-Minidump now provides descriptive output | Matt Graeber | 1 | -2/+2 | |
| Out-Minidump now outputs a FileInfo object (i.e. the same output as Get-ChildItem) upon successfully creating a dump file. | |||||
| 2013-08-17 | Added additional error handling to Get-GPPPassword | Matt Graeber | 1 | -3/+10 | |
| 2013-08-12 | added ErrorAction SilentlyContinue to Get-ChildItem | hajdbo | 1 | -2/+2 | |
| Sometimes you will have a denied access to a directory. "ErrorAction SilentlyContinue" will continue searching recursively in \SYSVOL even when it encounters a directory where access is denied. | |||||
| 2013-07-03 | Update Get-TimedScreenshot.ps1 | Chris Campbell | 1 | -5/+5 | |
| Fix error handling and various style problems | |||||
| 2013-07-03 | Fix improper use of $Error[0] | Chris Campbell | 1 | -1/+1 | |
| 2013-07-03 | Terminating Errors Added | Chris Campbell | 1 | -1/+5 | |
| Added checks to ensure that the script is being ran on a domain-joined machine and with a domain account. | |||||
| 2013-07-03 | Updated Get-GPPPassword | Matt Graeber | 2 | -1/+127 | |
| 2013-06-30 | Added Get-Keystrokes | Matt Graeber | 2 | -1/+248 | |
| Get-Keystrokes is a PowerShell keylogger | |||||
| 2013-05-18 | "Best practice" improvements to Out-Minidump | Matt Graeber | 1 | -42/+39 | |
| 2013-05-15 | Added Out-Minidump | Matt Graeber | 2 | -1/+135 | |
| Out-Minidump writes a process dump file with all process memory to disk. This is similar to running procdump.exe with the '-ma' switch. | |||||
| 2013-01-21 | Consistency improvements in comment-based help | bitform | 1 | -70/+72 | |
| 2013-01-20 | Added 'Exfiltration' Module | bitform | 4 | -0/+199 | |