aboutsummaryrefslogtreecommitdiff
path: root/Recon
AgeCommit message (Collapse)AuthorFilesLines
2016-06-08Fixed LDAP preference for when -ADSPath is passed to Get-NetDomainTrustHarmj0y1-20/+29
Fixed Get-DomainSID to allow for a -DomainController parameter Fixed Get-NetDomainTrust logic
2016-06-08Fixed a few GC bugs in Get-DomainSearcherHarmj0y1-24/+49
Added attempted gpcfilesyspath resolution to Get-NetGPO Added -ADSPath for Get-NetDomainTrust
2016-06-07bug fixes/error handling in Get-NetGPOGroup for version 2Harmj0y1-30/+43
2016-06-06Small bug fix in Find-GPOLocation when enumerating all relationshipsHarmj0y1-29/+79
Moved GPOType check to Get-NetGPOGroup Expanded comments and help for GPO location cmdlets
2016-06-06Rewrote/corrected logic for Get-NetGPOGroup, Find-GPOLocation, and ↵Harmj0y1-281/+293
Find-GPOComputerAdmin Rewrote/corrected logic for Find-GPOLocation Added Get-IniContent and rewrote Get-GptTmpl to use Get-IniContent to parse GptTmpl.inf files Rewrote Get-GroupsXML to not resolve SIDs and return the same object type as Get-GptTmpl
2016-05-31Corrected error checking for functions that used GetLastErrorHarmj0y1-182/+89
General errors are now parsed with [ComponentModel.Win32Exception] and written with Write-Verbose Write-Debug calls converted to Write-Verbose or removed
2016-05-22Updated functions in Recon.psd1Harmj0y1-1/+13
2016-05-22-Fixed bug in Get-NetGroupMember's ranged searching logic on PowerShell v3+Harmj0y1-123/+114
-Corrected parameter/variable scoping bug in several functions -TODO: fix begin{} scoping issues in Find-InterestingFile, Invoke-UserHunter, Invoke-ProcessHunter, Invoke-EventHunter, Invoke-ShareFinder, Invoke-FileFinder, Find-LocalAdminAccess, Invoke-EnumerateLocalAdmin -Other misc. fixes
2016-05-22Get-LoggedOnLocal now handles the situation when multiple SIDs are returnedHarmj0y1-101/+33
Get-LoggedOnLocal turned into a filter and given additional error handling Standardized tab/line spacing Removed Invoke-PSLoggedOn
2016-05-22Merge pull request #133 from breakersall/devHarmJ0y1-0/+143
Adds PSLoggedOn like functionality
2016-05-18Merge pull request #140 from Meatballs1/fix_groups_xmlHarmJ0y1-10/+32
PowerView - Fix Groups.xml Parsing
2016-05-13Logic bug fix in Get-NetDomainTrustHarmj0y1-1/+1
2016-05-13Get-NetDomainTrust now gets an -API option to enumerate trusts through ↵Harmj0y1-16/+169
DsEnumerateDomainTrusts() Logic bug fix for Get-DNSZone Bug fix for Get-NetLocalGroup
2016-05-12Fix groupsxml parsingMeatballs1-10/+32
2016-05-09Merge pull request #135 from Meatballs1/trust_sidsHarmJ0y1-0/+6
Retrieve Domain SIDs with -LDAP
2016-05-10Added Invoke-UserHunter field to keep output objects in sync.Harmj0y1-0/+1
2016-05-10Added name resolution to custom PSObject generated by Invoke-UserHunter.Andy Robbins1-0/+20
2016-05-09Began adding custom PSObject TypeNames to various PowerView output objects.Harmj0y1-7/+27
2016-05-09Retrieve Domain SIDs with -LDAPMeatballs1-0/+6
2016-05-05Adds PSLoggedOn like functionalityMatt Kelly1-0/+143
Adding in Get-LoggedOnLocal which uses HKU registry checks to see who is logged locally to a remote box and only requires user level access rights. The benefit over NetWkstaUserEnum is less user privileges required (admin for NetWkstaUserEnum) and is the same process PSLoggedOn uses. Invoke-PSLoggedOn launches both Get-LoggedOnLocal and Get-NetSessions and outputs the same format as PSLoggedOn.exe from Sysinternals. I did not change Invoke-UserHunter non-stealth to this option yet, but it is beneficial in that if you use both HKU and NetSessionEnum you only require basic user level rights not admin remote.
2016-05-03Added Get-RegistryMountedDriveHarmj0y1-6/+120
2016-04-27Modified Convert-DNSRecord to return the base64 encoded record for record ↵Harmj0y1-52/+26
types not currently handled.
2016-04-27Added Get-DNSZone and Get-DNSRecord to enumerate AD DNS information.Harmj0y1-0/+360
Added Convert-DNSRecord (ported from Michael B. Smith's code at https://raw.githubusercontent.com/mmessano/PowerShell/master/dns-dump.ps1) - needs expansion work on record types
2016-04-25Changed some property types in Get-ObjectACLHarmj0y1-2/+9
2016-04-24added Request-SPNTicket to request kerberos tickets for specified SPNsHarmj0y1-0/+48
2016-04-24For PowerView, added $Searcher.CacheResults = $False to Get-DomainSearcherHarmj0y1-19/+71
Added dispose() approach for the following cmdlets: Get-NetUser, Get-ObjectAcl/Add-ObjectAcl, Get-GUIDMap, Get-NetComputer, Get-ADObject, Get-NetOU, Get-NetSite, Get-NetSubnet, Get-NetGroup, Get-NetGroupMember, Get-DFSshare, Get-NetGPO, Get-NetDomainTrust
2016-04-24Merge pull request #128 from Meatballs1/fix_groups_xmlHarmJ0y1-2/+2
//Group -> //Groups
2016-04-11Change ComputerName default to the computer's nameleechristensen1-1/+1
Change ComputerName default so Disabled doesn't report error
2016-04-03//Group -> //GroupsMeatballs1-2/+2
2016-03-18Bug fix in Find-GPOLocationHarmj0y1-5/+9
2016-03-15Added Get-SiteName to find the site a computer is a part ofHarmj0y1-101/+288
Added -ComputerName parameter to Get-NetGPO to enumerate all GPOs a given computer has applied Fixed bug in Find-GPOComputerAdmin and added site enumeration for GPO links
2016-03-11Additional error checking in Get-DFSshareHarmj0y1-9/+10
2016-03-09Fixed bug with Get-NetGroupMember and computer accounts.Harmj0y1-33/+15
samaccounttype enumeration now more accurate.
2016-03-09fix for Find-GPOComputerAdminHarmj0y1-3/+15
2016-03-09Bug fix for Invoke-EnumerateLocalAdminHarmj0y1-5/+4
2016-03-09Removed Set-MacAttribute and Copy-ClonedFileHarmj0y2-234/+117
Combined Convert-NT4toCanonical and Convert-DomainSimpletoNT4 into Convert-ADName
2016-03-07Added New-GPOImmediateTaskHarmj0y1-12/+220
2016-03-07DomainOnly tweakHarmj0y1-5/+4
2016-03-07Added -DomainOnly flag to Invoke-EnumerateLocalAdminHarmj0y1-9/+23
2016-03-07renamed output field for Get-NetLocalGroup APIHarmj0y1-1/+1
2016-03-07Added NetLocalGroupGetMembers enumeration method for Get-NetLocalGroup with ↵Harmj0y1-151/+302
the -API flag Fixed threading specification in most threaded functions.
2016-03-07Parse DFSv1 PKTMeatballs1-6/+198
2016-03-06Added additional fields to Get-NetLocalGroup results.Harmj0y1-22/+63
2016-02-28Modified output of Find-GPOLocation to return more object information.Harmj0y1-26/+48
2016-02-28-fixed several bugs in Find-GPOLocation (-GroupName now works properly and ↵Harmj0y1-132/+147
Sites returned) -Find-GPOLocation with no arguments now returns all mappings -fixed parsing issue in Get-NetGPOGroup- names now properly extracted from restricted group templates
2016-02-11Most ldap-based search functions now accept a -Credential argument for ↵Harmj0y1-1084/+1427
querying from non-domain joined machines without a runas Changed several functions to filters, where appropriate. Get-NetShare, Get-NetSession, Get-NetLoggedOn, Get-NetRDPSession, Invoke-CheckLocalAdminAccess, Get-LastLoggedOn, Get-CachedRDPConnection, Get-NetProcess are now filters, better handle pipeline input, and now return an augmented result object with the queried ComputerName as a field Replaced RemoteUserName/RemotePassword with -Credential parameter in Get-CachedRDPConnection and Get-NetProcess modified output object for Get-NetShare to be a proper object Various bug fixes and better parameter validation
2015-12-29Added Find-ManagedSecurityGroups to readmeStuart Morgan1-0/+2
2015-12-29Sorted the recon.psd1 module import into alphabetical orderStuart Morgan1-51/+51
2015-12-29Added reference to function to powersploit.psd1 and recon.psd1Stuart Morgan1-0/+1
2015-12-28Added Find-ManagedSecurityGroupsStuart Morgan1-0/+71
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-25 22:46:36 +0000