enigma0x3/rpc.ps1

## rpc.ps1
$rpc = ls C:\Windows\System32\*.exe, C:\Windows\System32\*.dll |Get-RpcServer -DbgHelpPath "C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\dbghelp.dll"

 foreach ($rpc1 in $rpc)
{
    $ourObject = New-Object -TypeName psobject
    $ourObject | Add-Member -MemberType NoteProperty -Name InterfaceID -Value $rpc1.InterfaceID
    $ourObject | Add-Member -MemberType NoteProperty -Name FileName -Value $rpc1.Name
    $ourObject | Add-Member -MemberType NoteProperty -Name IsRunning -Value $rpc1.IsServiceRunning
    $ourObject | Add-Member -MemberType NoteProperty -Name EndpointCount -Value $rpc1.EndpointCount
    $procs = $rpc1.Procedures.Name  | Out-String
    $ourObject | Add-Member -MemberType NoteProperty -Name Procedures -Value $procs
    $ourObject | fl | Out-file -Encoding ASCII rpc.txt -Append
}
	$rpc = ls C:\Windows\System32\.exe, C:\Windows\System32\.dll \|Get-RpcServer -DbgHelpPath "C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\dbghelp.dll"

	foreach ($rpc1 in $rpc)
	{
	$ourObject = New-Object -TypeName psobject
	$ourObject \| Add-Member -MemberType NoteProperty -Name InterfaceID -Value $rpc1.InterfaceID
	$ourObject \| Add-Member -MemberType NoteProperty -Name FileName -Value $rpc1.Name
	$ourObject \| Add-Member -MemberType NoteProperty -Name IsRunning -Value $rpc1.IsServiceRunning
	$ourObject \| Add-Member -MemberType NoteProperty -Name EndpointCount -Value $rpc1.EndpointCount
	$procs = $rpc1.Procedures.Name \| Out-String
	$ourObject \| Add-Member -MemberType NoteProperty -Name Procedures -Value $procs
	$ourObject \| fl \| Out-file -Encoding ASCII rpc.txt -Append
	}