# MkDocs configuration for the PowerSploit documentation site.
# NOTE(review): the nesting below is reconstructed from the repeating
# "Section -> About / Functions -> entries" pattern; confirm against the
# repository copy before building.
site_name: PowerSploit
repo_url: https://github.com/PowerShellMafia/PowerSploit/
site_favicon: favicon.ico

# Navigation tree. Each leaf maps a nav label to a Markdown page path that is
# relative to the docs directory.
# NOTE(review): MkDocs 1.0 renamed `pages` to `nav`; keep `pages` only while
# the docs build pins an older MkDocs release.
# Entry labels mirror the function names documented on each page, so this list
# also serves as a name inventory for PowerShell script-block logging
# (Event ID 4104) and AMSI detection content.
pages:
- Home: 'index.md'

# Recon module pages (the PowerView-style Get-Domain*/Get-Net*/Find-* functions
# plus a few network helpers).
- Recon:
    - About: 'Recon/index.md'
    - Functions:
        - Export-PowerViewCSV: 'Recon/Export-PowerViewCSV.md'
        - Resolve-IPAddress: 'Recon/Resolve-IPAddress.md'
        - ConvertTo-SID: 'Recon/ConvertTo-SID.md'
        - ConvertFrom-SID: 'Recon/ConvertFrom-SID.md'
        - Convert-ADName: 'Recon/Convert-ADName.md'
        - ConvertFrom-UACValue: 'Recon/ConvertFrom-UACValue.md'
        - Add-RemoteConnection: 'Recon/Add-RemoteConnection.md'
        - Remove-RemoteConnection: 'Recon/Remove-RemoteConnection.md'
        - Invoke-UserImpersonation: 'Recon/Invoke-UserImpersonation.md'
        - Invoke-RevertToSelf: 'Recon/Invoke-RevertToSelf.md'
        - Get-DomainSPNTicket: 'Recon/Get-DomainSPNTicket.md'
        - Invoke-Kerberoast: 'Recon/Invoke-Kerberoast.md'
        - Get-PathAcl: 'Recon/Get-PathAcl.md'
        - Get-DomainDNSZone: 'Recon/Get-DomainDNSZone.md'
        - Get-DomainDNSRecord: 'Recon/Get-DomainDNSRecord.md'
        - Get-Domain: 'Recon/Get-Domain.md'
        - Get-DomainController: 'Recon/Get-DomainController.md'
        - Get-Forest: 'Recon/Get-Forest.md'
        - Get-ForestDomain: 'Recon/Get-ForestDomain.md'
        - Get-ForestGlobalCatalog: 'Recon/Get-ForestGlobalCatalog.md'
        - Find-DomainObjectPropertyOutlier: 'Recon/Find-DomainObjectPropertyOutlier.md'
        - Get-DomainUser: 'Recon/Get-DomainUser.md'
        - New-DomainUser: 'Recon/New-DomainUser.md'
        - Set-DomainUserPassword: 'Recon/Set-DomainUserPassword.md'
        - Get-DomainUserEvent: 'Recon/Get-DomainUserEvent.md'
        - Get-DomainComputer: 'Recon/Get-DomainComputer.md'
        - Get-DomainObject: 'Recon/Get-DomainObject.md'
        - Set-DomainObject: 'Recon/Set-DomainObject.md'
        - Set-DomainObjectOwner: 'Recon/Set-DomainObjectOwner.md'
        - Get-DomainObjectAcl: 'Recon/Get-DomainObjectAcl.md'
        - Add-DomainObjectAcl: 'Recon/Add-DomainObjectAcl.md'
        - Find-InterestingDomainAcl: 'Recon/Find-InterestingDomainAcl.md'
        - Get-DomainOU: 'Recon/Get-DomainOU.md'
        - Get-DomainSite: 'Recon/Get-DomainSite.md'
        - Get-DomainSubnet: 'Recon/Get-DomainSubnet.md'
        - Get-DomainSID: 'Recon/Get-DomainSID.md'
        - Get-DomainGroup: 'Recon/Get-DomainGroup.md'
        - New-DomainGroup: 'Recon/New-DomainGroup.md'
        - Get-DomainManagedSecurityGroup: 'Recon/Get-DomainManagedSecurityGroup.md'
        - Get-DomainGroupMember: 'Recon/Get-DomainGroupMember.md'
        - Add-DomainGroupMember: 'Recon/Add-DomainGroupMember.md'
        - Get-DomainFileServer: 'Recon/Get-DomainFileServer.md'
        - Get-DomainDFSShare: 'Recon/Get-DomainDFSShare.md'
        - Get-DomainGPO: 'Recon/Get-DomainGPO.md'
        - Get-DomainGPOLocalGroup: 'Recon/Get-DomainGPOLocalGroup.md'
        - Get-DomainGPOUserLocalGroupMapping: 'Recon/Get-DomainGPOUserLocalGroupMapping.md'
        - Get-DomainGPOComputerLocalGroupMapping: 'Recon/Get-DomainGPOComputerLocalGroupMapping.md'
        - Get-DomainPolicy: 'Recon/Get-DomainPolicy.md'
        - Get-NetLocalGroup: 'Recon/Get-NetLocalGroup.md'
        - Get-NetLocalGroupMember: 'Recon/Get-NetLocalGroupMember.md'
        - Get-NetShare: 'Recon/Get-NetShare.md'
        - Get-NetLoggedon: 'Recon/Get-NetLoggedon.md'
        - Get-NetSession: 'Recon/Get-NetSession.md'
        - Get-RegLoggedOn: 'Recon/Get-RegLoggedOn.md'
        - Get-NetRDPSession: 'Recon/Get-NetRDPSession.md'
        - Test-AdminAccess: 'Recon/Test-AdminAccess.md'
        - Get-NetComputerSiteName: 'Recon/Get-NetComputerSiteName.md'
        - Get-WMIRegProxy: 'Recon/Get-WMIRegProxy.md'
        - Get-WMIRegLastLoggedOn: 'Recon/Get-WMIRegLastLoggedOn.md'
        - Get-WMIRegCachedRDPConnection: 'Recon/Get-WMIRegCachedRDPConnection.md'
        - Get-WMIRegMountedDrive: 'Recon/Get-WMIRegMountedDrive.md'
        - Get-WMIProcess: 'Recon/Get-WMIProcess.md'
        - Find-InterestingFile: 'Recon/Find-InterestingFile.md'
        - Find-DomainUserLocation: 'Recon/Find-DomainUserLocation.md'
        - Find-DomainProcess: 'Recon/Find-DomainProcess.md'
        - Find-DomainUserEvent: 'Recon/Find-DomainUserEvent.md'
        - Find-DomainShare: 'Recon/Find-DomainShare.md'
        - Find-InterestingDomainShareFile: 'Recon/Find-InterestingDomainShareFile.md'
        - Find-LocalAdminAccess: 'Recon/Find-LocalAdminAccess.md'
        - Find-DomainLocalGroupMember: 'Recon/Find-DomainLocalGroupMember.md'
        - Get-DomainTrust: 'Recon/Get-DomainTrust.md'
        - Get-ForestTrust: 'Recon/Get-ForestTrust.md'
        - Get-DomainForeignUser: 'Recon/Get-DomainForeignUser.md'
        - Get-DomainForeignGroupMember: 'Recon/Get-DomainForeignGroupMember.md'
        - Get-DomainTrustMapping: 'Recon/Get-DomainTrustMapping.md'
        - Get-ComputerDetail: 'Recon/Get-ComputerDetail.md'
        - Get-HttpStatus: 'Recon/Get-HttpStatus.md'
        - Invoke-Portscan: 'Recon/Invoke-Portscan.md'
        - Invoke-ReverseDnsLookup: 'Recon/Invoke-ReverseDnsLookup.md'

# Privesc module pages.
- Privesc:
    - About: 'Privesc/index.md'
    - Functions:
        - Get-ModifiablePath: 'Privesc/Get-ModifiablePath.md'
        - Get-ProcessTokenGroup: 'Privesc/Get-ProcessTokenGroup.md'
        - Get-ProcessTokenPrivilege: 'Privesc/Get-ProcessTokenPrivilege.md'
        - Enable-Privilege: 'Privesc/Enable-Privilege.md'
        - Add-ServiceDacl: 'Privesc/Add-ServiceDacl.md'
        - Set-ServiceBinaryPath: 'Privesc/Set-ServiceBinaryPath.md'
        - Test-ServiceDaclPermission: 'Privesc/Test-ServiceDaclPermission.md'
        - Get-UnquotedService: 'Privesc/Get-UnquotedService.md'
        - Get-ModifiableServiceFile: 'Privesc/Get-ModifiableServiceFile.md'
        - Get-ModifiableService: 'Privesc/Get-ModifiableService.md'
        - Get-ServiceDetail: 'Privesc/Get-ServiceDetail.md'
        - Invoke-ServiceAbuse: 'Privesc/Invoke-ServiceAbuse.md'
        - Write-ServiceBinary: 'Privesc/Write-ServiceBinary.md'
        - Install-ServiceBinary: 'Privesc/Install-ServiceBinary.md'
        - Restore-ServiceBinary: 'Privesc/Restore-ServiceBinary.md'
        - Find-ProcessDLLHijack: 'Privesc/Find-ProcessDLLHijack.md'
        - Find-PathDLLHijack: 'Privesc/Find-PathDLLHijack.md'
        - Write-HijackDll: 'Privesc/Write-HijackDll.md'
        - Get-RegistryAlwaysInstallElevated: 'Privesc/Get-RegistryAlwaysInstallElevated.md'
        - Get-RegistryAutoLogon: 'Privesc/Get-RegistryAutoLogon.md'
        - Get-ModifiableRegistryAutoRun: 'Privesc/Get-ModifiableRegistryAutoRun.md'
        - Get-ModifiableScheduledTaskFile: 'Privesc/Get-ModifiableScheduledTaskFile.md'
        - Get-UnattendedInstallFile: 'Privesc/Get-UnattendedInstallFile.md'
        - Get-WebConfig: 'Privesc/Get-WebConfig.md'
        - Get-ApplicationHost: 'Privesc/Get-ApplicationHost.md'
        - Get-SiteListPassword: 'Privesc/Get-SiteListPassword.md'
        - Get-CachedGPPPassword: 'Privesc/Get-CachedGPPPassword.md'
        - Write-UserAddMSI: 'Privesc/Write-UserAddMSI.md'
        - Invoke-WScriptUACBypass: 'Privesc/Invoke-WScriptUACBypass.md'
        - Invoke-PrivescAudit: 'Privesc/Invoke-PrivescAudit.md'
        - Get-System: 'Privesc/Get-System.md'

# The nav label is "AntiVirus" but the page lives under AntivirusBypass/;
# the two names differ on purpose or by accident, so keep the path as is.
- AntiVirus:
    - Functions:
        - Find-AVSignature: 'AntivirusBypass/Find-AVSignature.md'

# CodeExecution module pages (no About page is listed for this section or
# for any section below it).
- CodeExecution:
    - Functions:
        - Invoke-DllInjection: 'CodeExecution/Invoke-DllInjection.md'
        - Invoke-ReflectivePEInjection: 'CodeExecution/Invoke-ReflectivePEInjection.md'
        - Invoke-Shellcode: 'CodeExecution/Invoke-Shellcode.md'
        - Invoke-WmiCommand: 'CodeExecution/Invoke-WmiCommand.md'

# Mayhem module pages.
- Mayhem:
    - Functions:
        - Set-MasterBootRecord: 'Mayhem/Set-MasterBootRecord.md'
        - Set-CriticalProcess: 'Mayhem/Set-CriticalProcess.md'

# Persistence module pages.
- Persistence:
    - Functions:
        - New-ElevatedPersistenceOption: 'Persistence/New-ElevatedPersistenceOption.md'
        - New-UserPersistenceOption: 'Persistence/New-UserPersistenceOption.md'
        - Add-Persistence: 'Persistence/Add-Persistence.md'
        - Install-SSP: 'Persistence/Install-SSP.md'
        - Get-SecurityPackage: 'Persistence/Get-SecurityPackage.md'

# ScriptModification module pages.
- ScriptModification:
    - Functions:
        - Out-CompressedDll: 'ScriptModification/Out-CompressedDll.md'
        - Out-EncodedCommand: 'ScriptModification/Out-EncodedCommand.md'
        - Out-EncryptedScript: 'ScriptModification/Out-EncryptedScript.md'
        - Remove-Comment: 'ScriptModification/Remove-Comment.md'