Last active
August 4, 2017 19:17
-
-
Save darkoperator/3f9da4b780b5a0206bca to your computer and use it in GitHub Desktop.
PowerShell Script to Install Posh-Sysmon
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Make sure the module is not loaded | |
| Remove-Module posh-secmod -ErrorAction SilentlyContinue | |
| # Download latest version | |
| $webclient = New-Object System.Net.WebClient | |
| $url = "https://github.com/darkoperator/Posh-Sysmon/archive/master.zip" | |
| Write-Host "Downloading latest version of Posh-Sysmon from $url" -ForegroundColor Cyan | |
| $file = "$($env:TEMP)\Posh-Sysmon.zip" | |
| $webclient.DownloadFile($url,$file) | |
| Write-Host "File saved to $file" -ForegroundColor Green | |
| # Unblock and Decompress | |
| Unblock-File -Path $file | |
| $targetondisk = "$($env:USERPROFILE)\Documents\WindowsPowerShell\Modules" | |
| New-Item -ItemType Directory -Force -Path $targetondisk | out-null | |
| $shell_app=new-object -com shell.application | |
| $zip_file = $shell_app.namespace($file) | |
| Write-Host "Uncompressing the Zip file to $($targetondisk)" -ForegroundColor Cyan | |
| $destination = $shell_app.namespace($targetondisk) | |
| $destination.Copyhere($zip_file.items(), 0x10) | |
| # Rename and import | |
| Write-Host "Renaming folder" -ForegroundColor Cyan | |
| Rename-Item -Path ($targetondisk+"\Posh-Sysmon-master") -NewName "Posh-Sysmon" -Force | |
| Write-Host "Module has been installed" -ForegroundColor Green | |
| Import-Module -Name Posh-Sysmon | |
| Get-Command -Module Posh-Sysmon |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment