View Get-SMBIOSData.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add-Type -TypeDefinition @' | |
using System; | |
using System.ComponentModel; | |
using System.Runtime.InteropServices; | |
namespace SMBIOS | |
{ | |
public enum FirmwareProvider : uint | |
{ | |
ACPI = 0x41435049, |
View macOS-CommandLine.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add-Type -CompilerOptions '/unsafe' -TypeDefinition @' | |
using System; | |
using System.Runtime.InteropServices; | |
using System.Text; | |
namespace macOS | |
{ | |
public static class Native | |
{ | |
[DllImport("libc", SetLastError = true)] |
View Copy-ToFtp.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright: (c) 2022, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
# MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
Function Copy-ToFtp { | |
[CmdletBinding()] | |
param ( | |
[Parameter(Mandatory = $true)] | |
[System.String] | |
$Path, |
View Get-TlsCipherSuite.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Function Get-TlsCipherSuite { | |
<# | |
.DESCRIPTION | |
Get a list of enabled TLS cipher suites for the server. | |
This is like the Get-TlsCipherSuite cmdlet but works on older Windows | |
versions. | |
#> | |
[OutputType([string])] | |
param () |
View Remove-FileEntry.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add-Type -TypeDefinition @' | |
using System; | |
using System.Collections.Generic; | |
using System.ComponentModel; | |
using System.IO; | |
using System.Runtime.InteropServices; | |
namespace Kernel32 | |
{ | |
public enum FileInfoLevel |
View tls-keylogger.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Requires -Module PSDetour | |
[CmdletBinding()] | |
param ( | |
[Parameter(Mandatory)] | |
[string] | |
$LogPath | |
) | |
$LogPath = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($LogPath) |
View Get-SMBApplicationKey.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright: (c) 2022, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
# MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
<# Example Code to Run on the Server | |
$pipeServer = [System.IO.Pipes.NamedPipeServerStream]::new("jordan-test", [System.IO.Pipes.PipeDirection]::InOut) | |
$pipeServer.WaitForConnection() | |
try { | |
$tokenStat = Get-NamedPipeClientStatistics -Pipe $pipeServer | |
$appKey = Get-SMBApplicationKey -LogonId $tokenStat.AuthenticationId | |
[System.Convert]::ToBase64String($appKey.Applicationkey) |
View Get-LogonSessionData.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright: (c) 2022, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
# MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
Function Get-LogonSessionData { | |
<# | |
.SYNOPSIS | |
Get LSA logon session data. | |
.DESCRIPTION | |
Get the logon session information for all or a specific logon session or specific process logon sessions. |
View Get-WTSSessionInfo.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright: (c) 2022, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
# MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
Function Get-WTSSessionInfo { | |
<# | |
.SYNOPSIS | |
Enumerates sessions on a Windows host. | |
.DESCRIPTION | |
Enumerates all the sessions available on a Windows host through the WTSEnumerateSessionsExW API. |
View Trace-TlsHandshake.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright: (c) 2022, Jordan Borean (@jborean93) <jborean93@gmail.com> | |
# MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
Function Trace-TlsHandshake { | |
<# | |
.SYNOPSIS | |
TLS Handshake Diagnostics. | |
.DESCRIPTION | |
Performs a TLS handshake and returns diagnostic information about that |
NewerOlder