| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2016-06-06 | Addded Get-CachedGPPPassword to PowerUp, based almost entirely on ↵ | Harmj0y | 1 | -0/+26 | |
| Get-GPPPassword. Added Pester tests for Get-CachedGPPPassword. | |||||
| 2016-06-04 | Get-ModifiablePath now also checks parent folders of files for modification | Harmj0y | 1 | -79/+94 | |
| Bug fixes Corrected PowerUp Pester tests Changed 'Path' field to 'ModifiablePath' in 'Get-ModifiablePath' Get-ServiceUnquoted now filters paths through Get-ModifiablePath | |||||
| 2016-06-04 | Renamed Get-RegistryAutoRun to Get-ModifiableRegistryAutoRun | Harmj0y | 1 | -16/+16 | |
| Renamed Find-PathHijack to Find-PathDLLHijack Fixed exposed functions in PowerSploit.psd1 | |||||
| 2016-06-04 | Overhauled and completed PowerUp/Privesc Pester tests | Harmj0y | 1 | -213/+622 | |
| 2016-05-12 | Added Get-MicrophoneAudio.ps1 and associated Pester tests | sixdub | 1 | -0/+31 | |
| 2016-03-11 | Added Get-System to Privesc/ | Harmj0y | 1 | -0/+42 | |
| Added Pester tests for Get-System | |||||
| 2016-02-12 | Added Pester tests for Get-SiteListPassword | Harmj0y | 1 | -0/+88 | |
| Encrypted password check for Get-SiteListPassword fields | |||||
| 2016-01-25 | Merge pull request #108 from sagishahar/master | HarmJ0y | 1 | -0/+131 | |
| Add 'CanRestart' to output and Pester tests | |||||
| 2016-01-13 | Fixed Pester/PassThru | Jesse Davis | 1 | -0/+2 | |
| 2016-01-13 | Fixed Pester/PassThru | Jesse Davis | 1 | -2/+0 | |
| 2016-01-13 | Fixed Pester/PassThru | Jesse Davis | 1 | -5/+4 | |
| 2016-01-13 | Fixed Pester/PassThru | Jesse Davis | 1 | -5/+5 | |
| 2016-01-13 | Add 'CanRestart' to output and Pester tests | sagishahar | 1 | -0/+131 | |
| Pester tests to the function 'Test-ServiceDaclPermission' were added in order to increase confidence in its reliability. In general, my intention was to replace the current functionality of the service management functions such as Invoke-ServiceStart, to not use blindly 'sc.exe start' but rather consult with the DACL permissions and base the decision on that. Unforunately, further investigation lead me to the conclusion that retrieval of the service's DACL permissions requires that an additional DACL permission (RC) be set. This may lead to an edge case that could miss a potential privilege escalation condition and thereby the original idea was discarded. Nonetheless, 'Test-ServiceDaclPermission' can be used for less critical tasks. Therefore, a 'CanRestart' property was added to the output of the service enumeration functions such as 'Get-ServiceUnquoted' as I think that it will add value to redteamers/pentesters by helping them prioritise which service should be abused for escalation of privileges. Services that can be restarted by a low privileged user will probably be prioritised first. Additionally, manual checking whether the vulnerable service can be restarted would not be required in most cases. | |||||
| 2016-01-09 | Update Exfiltration.tests.ps1 | Jesse Davis | 1 | -2/+2 | |
| 2016-01-09 | new Get-Keystrokes | Jesse Davis | 1 | -0/+55 | |
| 2015-12-17 | Revert "Invoke-ReflectivePEInjection test harnesses updated" | Matt Graeber | 1 | -2/+2 | |
| This reverts commit 98ebc1b0b8b64d069d34d80c128aa226b5e8416f. | |||||
| 2015-12-17 | Invoke-ReflectivePEInjection test harnesses updated | Matt Graeber | 1 | -2/+2 | |
| Affected test harness PEs were updated to work in XP. Addresses issue #100 | |||||
| 2015-12-14 | Invoke-DllInjection Pester test improvement | Matt Graeber | 1 | -7/+7 | |
| The test dll I now use is advpack.dll since that is present in all versions of windows. | |||||
| 2015-12-14 | Added admin rights check for existing Privesc Pester tests | Harmj0y | 1 | -1/+45 | |
| 2015-12-14 | Get-NetDomain now not called if -ComputerName or -ComputerFile are passed ↵ | Harmj0y | 1 | -120/+51 | |
| for meta functions, in order to prevent failure when running on a non-domain joined machine took out FQDN Pester tests from Recon.tests.ps1 that used $env:userdnsdomain | |||||
| 2015-12-14 | Modified Tests/Privesc.tests.ps1 to ensure file artifacts are not left on disk. | Harmj0y | 1 | -62/+103 | |
| 2015-12-14 | Modified Tests/Recon.tests.ps1 to ensure file artifacts are not left on disk. | Harmj0y | 1 | -54/+68 | |
| 2015-12-03 | Start of Recon/PowerView Pester tests | Harmj0y | 1 | -0/+676 | |
| 2015-12-03 | Privesc/PowerUp Pester tests | Harmj0y | 1 | -0/+485 | |
| 2015-11-09 | Adding Pester tests for CodeExecution module | Matt Graeber | 1 | -0/+362 | |
| 2015-11-09 | Revert "Excluding the Tests folder from being loaded as a module" | Matt Graeber | 1 | -362/+0 | |
| This reverts commit a0ab599810f8f05a9bf24850fb9104516b71abb7. | |||||
| 2015-11-09 | Excluding the Tests folder from being loaded as a module | Matt Graeber | 1 | -0/+362 | |
| 2015-11-05 | Test: Ensure all scripts are not LE Unicode encoded | Matt Graeber | 1 | -0/+49 | |