# State for an Active Directory schema audit. The loop that fills these
# collections is not part of this excerpt.

# Lookup table of superclass names (default PowerShell hashtable, so keys compare case-insensitively)
$superClass = @{}

# Names of classes that inherit from 'container' and are allowed to live under a computer object.
# NOTE(review): the variable name suggests these classes are reported as an exposure;
# confirm the exact criteria against the enumeration logic that follows.
$vulnerableSchemas = New-Object -TypeName 'System.Collections.Generic.List[string]'

# Read the schema naming context from the directory's RootDSE
$rootDse = Get-ADRootDSE
$schemaNC = $rootDse.schemaNamingContext
# Enumerate all class schemas |
function Invoke-ScreenGrabber | |
{ | |
param( | |
[switch]$HideWindow, | |
[switch]$PassThru | |
) | |
# Ensure Windows Forms assembly is available | |
$null = Add-Type -AssemblyName System.Windows.Forms -ErrorAction SilentlyContinue |
function ConvertFrom-EventLogRecord | |
{ | |
param( | |
[Parameter(Mandatory=$true,ValueFromPipeline=$true)] | |
[System.Diagnostics.Eventing.Reader.EventLogRecord[]] | |
$InputEvent, | |
[Parameter(Mandatory=$true,Position=1)] | |
[ValidateNotNullOrEmpty()] | |
[string[]] |
using namespace System.Net.Sockets | |
using namespace System.Net.Security | |
using namespace System.Security.Cryptography.X509Certificates | |
function ConvertFrom-X509Certificate { | |
param( | |
[Parameter(ValueFromPipeline)] | |
[X509Certificate2]$Certificate | |
) |
function Get-AvailableLicenseTemplates { | |
[CmdletBinding()] | |
param () | |
process { | |
Write-Host "`$PSScriptRoot:" $PSScriptRoot -ForegroundColor Green | |
# Define the parent directory containing the folders | |
$ParentDirectory = "$PSScriptRoot\..\Templates\LICENSE\" | |
# Get the list of folders | |
$Folders = Get-ChildItem -Path $ParentDirectory -Directory |
function Scan-LOLDrivers { | |
param( | |
[Parameter(Mandatory = $true)] | |
[string]$path | |
) | |
Add-Type -TypeDefinition @" | |
using System; | |
using System.Security.Cryptography; | |
using System.Security.Cryptography.X509Certificates; |
# Targets to probe; each entry may be a host name or an IP address
$RemoteHosts = @('www.google.com')

# Start one asynchronous ICMP echo per target and collect the task objects
# emitted by the loop body.
$Tasks = foreach ($ComputerName in $RemoteHosts) {
    # NOTE(review): Ping implements IDisposable and is never disposed in the lines shown
    $pinger = New-Object -TypeName System.Net.NetworkInformation.Ping
    $pinger.SendPingAsync($ComputerName)
}

# Block until every ping task has completed. No overall timeout is passed, and
# Task.WaitAll throws an AggregateException if any task faulted (for example a
# host name that cannot be resolved), so callers may want a try/catch here.
[System.Threading.Tasks.Task]::WaitAll($Tasks)
function ConvertTo-Object { | |
param( | |
[Parameter(Mandatory=$true,ValueFromPipeline=$true)] | |
[AllowEmptyString()] | |
[string[]]$InputString, | |
[Parameter(Mandatory=$true,ValueFromRemainingArguments=$true)] | |
[string[]]$Pattern | |
) |
function Get-MachineSID | |
{ | |
param( | |
[switch] | |
$DomainSID | |
) | |
# Retrieve the Win32_ComputerSystem class and determine if machine is a Domain Controller | |
$WmiComputerSystem = Get-WmiObject -Class Win32_ComputerSystem | |
$IsDomainController = $WmiComputerSystem.DomainRole -ge 4 |
function Get-XmlFileTreeAppend | |
{ | |
param( | |
[Parameter(ParameterSetName='Path', Mandatory=$true, Position=0, ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)] | |
[string[]] | |
${Path}, | |
[Parameter(ParameterSetName='LiteralPath', Mandatory=$true, ValueFromPipelineByPropertyName=$true)] | |
[Alias('PSPath')] | |
[string[]] |