├── .gitignore ├── AntivirusBypass ├── AntivirusBypass.psd1 ├── AntivirusBypass.psm1 ├── Find-AVSignature.ps1 └── Usage.md ├── CodeExecution ├── CodeExecution.psd1 ├── CodeExecution.psm1 ├── Invoke-DllInjection.ps1 ├── Invoke-ReflectivePEInjection.ps1 ├── Invoke-ReflectivePEInjection_Resources │ ├── DemoDLL │ │ ├── DemoDLL.sln │ │ └── DemoDLL │ │ │ ├── DemoDLL.cpp │ │ │ ├── DemoDLL.h │ │ │ ├── DemoDLL.vcxproj │ │ │ ├── DemoDLL.vcxproj.filters │ │ │ ├── ReadMe.txt │ │ │ ├── dllmain.cpp │ │ │ ├── stdafx.cpp │ │ │ ├── stdafx.h │ │ │ └── targetver.h │ ├── DemoDLL_RemoteProcess │ │ ├── DemoDLL_RemoteProcess.sln │ │ └── DemoDLL_RemoteProcess │ │ │ ├── DemoDLL_RemoteProcess.cpp │ │ │ ├── DemoDLL_RemoteProcess.vcxproj │ │ │ ├── DemoDLL_RemoteProcess.vcxproj.filters │ │ │ ├── ReadMe.txt │ │ │ ├── dllmain.cpp │ │ │ ├── stdafx.cpp │ │ │ ├── stdafx.h │ │ │ └── targetver.h │ ├── DemoExe │ │ ├── DemoExe.sln │ │ ├── DemoExe_MD │ │ │ ├── DemoExe_MD.cpp │ │ │ ├── DemoExe_MD.vcxproj │ │ │ ├── DemoExe_MD.vcxproj.filters │ │ │ ├── ReadMe.txt │ │ │ ├── stdafx.cpp │ │ │ ├── stdafx.h │ │ │ └── targetver.h │ │ └── DemoExe_MDd │ │ │ ├── DemoExe_MDd.cpp │ │ │ ├── DemoExe_MDd.vcxproj │ │ │ ├── DemoExe_MDd.vcxproj.filters │ │ │ ├── ReadMe.txt │ │ │ ├── stdafx.cpp │ │ │ ├── stdafx.h │ │ │ └── targetver.h │ ├── ExeToInjectInTo │ │ ├── ExeToInjectInTo.sln │ │ └── ExeToInjectInTo │ │ │ ├── ExeToInjectInTo.cpp │ │ │ ├── ExeToInjectInTo.vcxproj │ │ │ ├── ExeToInjectInTo.vcxproj.filters │ │ │ ├── ReadMe.txt │ │ │ ├── stdafx.cpp │ │ │ ├── stdafx.h │ │ │ └── targetver.h │ └── Shellcode │ │ ├── readme.txt │ │ ├── x64 │ │ ├── CallDllMain.asm │ │ ├── ExitThread.asm │ │ ├── GetFuncAddress.asm │ │ └── LoadLibraryA.asm │ │ └── x86 │ │ ├── CallDllMain.asm │ │ ├── ExitThread.asm │ │ └── GetProcAddress.asm ├── Invoke-Shellcode.ps1 ├── Invoke-WmiCommand.ps1 └── Usage.md ├── Exfiltration ├── Exfiltration.psd1 ├── Exfiltration.psm1 ├── Get-GPPAutologon.ps1 ├── Get-GPPPassword.ps1 ├── Get-Keystrokes.ps1 ├── Get-MicrophoneAudio.ps1 ├── Get-TimedScreenshot.ps1 ├── Get-VaultCredential.ps1 ├── Get-VaultCredential.ps1xml ├── Invoke-CredentialInjection.ps1 ├── Invoke-Mimikatz.ps1 ├── Invoke-NinjaCopy.ps1 ├── Invoke-TokenManipulation.ps1 ├── LogonUser │ └── LogonUser │ │ ├── LogonUser.sln │ │ ├── LogonUser │ │ ├── LogonUser.cpp │ │ ├── LogonUser.vcxproj │ │ ├── LogonUser.vcxproj.filters │ │ ├── ReadMe.txt │ │ ├── stdafx.cpp │ │ ├── stdafx.h │ │ └── targetver.h │ │ └── logon │ │ ├── ReadMe.txt │ │ ├── dllmain.cpp │ │ ├── logon.cpp │ │ ├── logon.vcxproj │ │ ├── logon.vcxproj.filters │ │ ├── stdafx.cpp │ │ ├── stdafx.h │ │ └── targetver.h ├── NTFSParser │ ├── NTFSParser.sln │ ├── NTFSParser │ │ ├── NTFS.h │ │ ├── NTFSParser.cpp │ │ ├── NTFSParser.vcxproj │ │ ├── NTFSParser.vcxproj.filters │ │ ├── NTFS_Attribute.h │ │ ├── NTFS_Common.h │ │ ├── NTFS_DataType.h │ │ ├── NTFS_FileRecord.h │ │ ├── ReadMe.txt │ │ ├── stdafx.cpp │ │ ├── stdafx.h │ │ └── targetver.h │ └── NTFSParserDLL │ │ ├── NTFS.h │ │ ├── NTFSParserDLL.cpp │ │ ├── NTFSParserDLL.vcxproj │ │ ├── NTFSParserDLL.vcxproj.filters │ │ ├── NTFS_Attribute.h │ │ ├── NTFS_Common.h │ │ ├── NTFS_DataType.h │ │ ├── NTFS_FileRecord.h │ │ ├── ReadMe.txt │ │ ├── dllmain.cpp │ │ ├── stdafx.cpp │ │ ├── stdafx.h │ │ └── targetver.h ├── Out-Minidump.ps1 ├── Usage.md └── VolumeShadowCopyTools.ps1 ├── LICENSE ├── Mayhem ├── Mayhem.psd1 ├── Mayhem.psm1 └── Usage.md ├── Persistence ├── Persistence.psd1 ├── Persistence.psm1 └── Usage.md ├── PowerSploit.psd1 ├── PowerSploit.psm1 ├── PowerSploit.pssproj ├── PowerSploit.sln ├── Privesc ├── Get-System.ps1 ├── PowerUp.ps1 ├── Privesc.psd1 ├── Privesc.psm1 └── README.md ├── README.md ├── Recon ├── Dictionaries │ ├── admin.txt │ ├── generic.txt │ └── sharepoint.txt ├── Get-ComputerDetail.ps1 ├── Get-HttpStatus.ps1 ├── Invoke-CompareAttributesForClass.ps1 ├── Invoke-Portscan.ps1 ├── Invoke-ReverseDnsLookup.ps1 ├── PowerView.ps1 ├── README.md ├── Recon.psd1 └── Recon.psm1 ├── ScriptModification ├── Out-CompressedDll.ps1 ├── Out-EncodedCommand.ps1 ├── Out-EncryptedScript.ps1 ├── Remove-Comment.ps1 ├── ScriptModification.psd1 ├── ScriptModification.psm1 └── Usage.md ├── Tests ├── CodeExecution.tests.ps1 ├── Exfiltration.tests.ps1 ├── PowerSploit.tests.ps1 ├── Privesc.tests.ps1 └── Recon.tests.ps1 ├── docs ├── AntivirusBypass │ └── Find-AVSignature.md ├── CodeExecution │ ├── Invoke-DllInjection.md │ ├── Invoke-ReflectivePEInjection.md │ ├── Invoke-Shellcode.md │ └── Invoke-WmiCommand.md ├── Mayhem │ ├── Set-CriticalProcess.md │ └── Set-MasterBootRecord.md ├── Persistence │ ├── Add-Persistence.md │ ├── Get-SecurityPackage.md │ ├── Install-SSP.md │ ├── New-ElevatedPersistenceOption.md │ └── New-UserPersistenceOption.md ├── Privesc │ ├── Add-ServiceDacl.md │ ├── Enable-Privilege.md │ ├── Find-PathDLLHijack.md │ ├── Find-ProcessDLLHijack.md │ ├── Get-ApplicationHost.md │ ├── Get-CachedGPPPassword.md │ ├── Get-ModifiablePath.md │ ├── Get-ModifiableRegistryAutoRun.md │ ├── Get-ModifiableScheduledTaskFile.md │ ├── Get-ModifiableService.md │ ├── Get-ModifiableServiceFile.md │ ├── Get-ProcessTokenGroup.md │ ├── Get-ProcessTokenPrivilege.md │ ├── Get-RegistryAlwaysInstallElevated.md │ ├── Get-RegistryAutoLogon.md │ ├── Get-ServiceDetail.md │ ├── Get-SiteListPassword.md │ ├── Get-System.md │ ├── Get-UnattendedInstallFile.md │ ├── Get-UnquotedService.md │ ├── Get-WebConfig.md │ ├── Install-ServiceBinary.md │ ├── Invoke-PrivescAudit.md │ ├── Invoke-ServiceAbuse.md │ ├── Invoke-WScriptUACBypass.md │ ├── Restore-ServiceBinary.md │ ├── Set-ServiceBinaryPath.md │ ├── Test-ServiceDaclPermission.md │ ├── Write-HijackDll.md │ ├── Write-ServiceBinary.md │ ├── Write-UserAddMSI.md │ └── index.md ├── Recon │ ├── Add-DomainGroupMember.md │ ├── Add-DomainObjectAcl.md │ ├── Add-RemoteConnection.md │ ├── Convert-ADName.md │ ├── ConvertFrom-SID.md │ ├── ConvertFrom-UACValue.md │ ├── ConvertTo-SID.md │ ├── Export-PowerViewCSV.md │ ├── Find-DomainLocalGroupMember.md │ ├── Find-DomainObjectPropertyOutlier.md │ ├── Find-DomainProcess.md │ ├── Find-DomainShare.md │ ├── Find-DomainUserEvent.md │ ├── Find-DomainUserLocation.md │ ├── Find-InterestingDomainAcl.md │ ├── Find-InterestingDomainShareFile.md │ ├── Find-InterestingFile.md │ ├── Find-LocalAdminAccess.md │ ├── Get-ComputerDetail.md │ ├── Get-Domain.md │ ├── Get-DomainComputer.md │ ├── Get-DomainController.md │ ├── Get-DomainDFSShare.md │ ├── Get-DomainDNSRecord.md │ ├── Get-DomainDNSZone.md │ ├── Get-DomainFileServer.md │ ├── Get-DomainForeignGroupMember.md │ ├── Get-DomainForeignUser.md │ ├── Get-DomainGPO.md │ ├── Get-DomainGPOComputerLocalGroupMapping.md │ ├── Get-DomainGPOLocalGroup.md │ ├── Get-DomainGPOUserLocalGroupMapping.md │ ├── Get-DomainGroup.md │ ├── Get-DomainGroupMember.md │ ├── Get-DomainManagedSecurityGroup.md │ ├── Get-DomainOU.md │ ├── Get-DomainObject.md │ ├── Get-DomainObjectAcl.md │ ├── Get-DomainPolicy.md │ ├── Get-DomainSID.md │ ├── Get-DomainSPNTicket.md │ ├── Get-DomainSite.md │ ├── Get-DomainSubnet.md │ ├── Get-DomainTrust.md │ ├── Get-DomainTrustMapping.md │ ├── Get-DomainUser.md │ ├── Get-DomainUserEvent.md │ ├── Get-Forest.md │ ├── Get-ForestDomain.md │ ├── Get-ForestGlobalCatalog.md │ ├── Get-ForestTrust.md │ ├── Get-HttpStatus.md │ ├── Get-NetComputerSiteName.md │ ├── Get-NetLocalGroup.md │ ├── Get-NetLocalGroupMember.md │ ├── Get-NetLoggedon.md │ ├── Get-NetRDPSession.md │ ├── Get-NetSession.md │ ├── Get-NetShare.md │ ├── Get-PathAcl.md │ ├── Get-RegLoggedOn.md │ ├── Get-WMIProcess.md │ ├── Get-WMIRegCachedRDPConnection.md │ ├── Get-WMIRegLastLoggedOn.md │ ├── Get-WMIRegMountedDrive.md │ ├── Get-WMIRegProxy.md │ ├── Invoke-Kerberoast.md │ ├── Invoke-Portscan.md │ ├── Invoke-ReverseDnsLookup.md │ ├── Invoke-RevertToSelf.md │ ├── Invoke-UserImpersonation.md │ ├── New-DomainGroup.md │ ├── New-DomainUser.md │ ├── Remove-RemoteConnection.md │ ├── Resolve-IPAddress.md │ ├── Set-DomainObject.md │ ├── Set-DomainObjectOwner.md │ ├── Set-DomainUserPassword.md │ ├── Test-AdminAccess.md │ └── index.md ├── ScriptModification │ ├── Out-CompressedDll.md │ ├── Out-EncodedCommand.md │ ├── Out-EncryptedScript.md │ └── Remove-Comment.md └── index.md └── mkdocs.yml /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/.gitignore -------------------------------------------------------------------------------- /AntivirusBypass/AntivirusBypass.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/AntivirusBypass/AntivirusBypass.psd1 -------------------------------------------------------------------------------- /AntivirusBypass/AntivirusBypass.psm1: -------------------------------------------------------------------------------- 1 | Get-ChildItem (Join-Path $PSScriptRoot *.ps1) | % { . $_.FullName} 2 | -------------------------------------------------------------------------------- /AntivirusBypass/Find-AVSignature.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/AntivirusBypass/Find-AVSignature.ps1 -------------------------------------------------------------------------------- /AntivirusBypass/Usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/AntivirusBypass/Usage.md -------------------------------------------------------------------------------- /CodeExecution/CodeExecution.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/CodeExecution.psd1 -------------------------------------------------------------------------------- /CodeExecution/CodeExecution.psm1: -------------------------------------------------------------------------------- 1 | Get-ChildItem (Join-Path $PSScriptRoot *.ps1) | % { . $_.FullName} 2 | -------------------------------------------------------------------------------- /CodeExecution/Invoke-DllInjection.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-DllInjection.ps1 -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection.ps1 -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL.sln -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj.filters -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/ReadMe.txt -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/dllmain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/dllmain.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/targetver.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.sln -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj.filters -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/ReadMe.txt -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/dllmain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/dllmain.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/targetver.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe.sln -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj.filters -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/ReadMe.txt -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/targetver.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj.filters -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/ReadMe.txt -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/targetver.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo.sln -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj.filters -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ReadMe.txt -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.cpp -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/targetver.h -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/CallDllMain.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/CallDllMain.asm -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/GetFuncAddress.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/GetFuncAddress.asm -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/CallDllMain.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/CallDllMain.asm -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/ExitThread.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/ExitThread.asm -------------------------------------------------------------------------------- /CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/GetProcAddress.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/GetProcAddress.asm -------------------------------------------------------------------------------- /CodeExecution/Invoke-Shellcode.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-Shellcode.ps1 -------------------------------------------------------------------------------- /CodeExecution/Invoke-WmiCommand.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Invoke-WmiCommand.ps1 -------------------------------------------------------------------------------- /CodeExecution/Usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/CodeExecution/Usage.md -------------------------------------------------------------------------------- /Exfiltration/Exfiltration.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Exfiltration.psd1 -------------------------------------------------------------------------------- /Exfiltration/Exfiltration.psm1: -------------------------------------------------------------------------------- 1 | Get-ChildItem (Join-Path $PSScriptRoot *.ps1) | % { . $_.FullName} 2 | -------------------------------------------------------------------------------- /Exfiltration/Get-GPPAutologon.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Get-GPPAutologon.ps1 -------------------------------------------------------------------------------- /Exfiltration/Get-GPPPassword.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Get-GPPPassword.ps1 -------------------------------------------------------------------------------- /Exfiltration/Get-Keystrokes.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Get-Keystrokes.ps1 -------------------------------------------------------------------------------- /Exfiltration/Get-MicrophoneAudio.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Get-MicrophoneAudio.ps1 -------------------------------------------------------------------------------- /Exfiltration/Get-TimedScreenshot.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Get-TimedScreenshot.ps1 -------------------------------------------------------------------------------- /Exfiltration/Get-VaultCredential.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Get-VaultCredential.ps1 -------------------------------------------------------------------------------- /Exfiltration/Get-VaultCredential.ps1xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Get-VaultCredential.ps1xml -------------------------------------------------------------------------------- /Exfiltration/Invoke-CredentialInjection.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Invoke-CredentialInjection.ps1 -------------------------------------------------------------------------------- /Exfiltration/Invoke-Mimikatz.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Invoke-Mimikatz.ps1 -------------------------------------------------------------------------------- /Exfiltration/Invoke-NinjaCopy.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Invoke-NinjaCopy.ps1 -------------------------------------------------------------------------------- /Exfiltration/Invoke-TokenManipulation.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Invoke-TokenManipulation.ps1 -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/LogonUser.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/LogonUser.sln -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/LogonUser/LogonUser.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/LogonUser/LogonUser.cpp -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/LogonUser/LogonUser.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/LogonUser/LogonUser.vcxproj -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/LogonUser/LogonUser.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/LogonUser/LogonUser.vcxproj.filters -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/LogonUser/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/LogonUser/ReadMe.txt -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/LogonUser/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/LogonUser/stdafx.cpp -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/LogonUser/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/LogonUser/stdafx.h -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/LogonUser/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/LogonUser/targetver.h -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/logon/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/logon/ReadMe.txt -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/logon/dllmain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/logon/dllmain.cpp -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/logon/logon.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/logon/logon.cpp -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/logon/logon.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/logon/logon.vcxproj -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/logon/logon.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/logon/logon.vcxproj.filters -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/logon/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/logon/stdafx.cpp -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/logon/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/logon/stdafx.h -------------------------------------------------------------------------------- /Exfiltration/LogonUser/LogonUser/logon/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/LogonUser/LogonUser/logon/targetver.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser.sln -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/NTFS.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/NTFS.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/NTFSParser.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/NTFSParser.cpp -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/NTFSParser.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/NTFSParser.vcxproj -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/NTFSParser.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/NTFSParser.vcxproj.filters -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/NTFS_Attribute.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/NTFS_Attribute.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/NTFS_Common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/NTFS_Common.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/NTFS_DataType.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/NTFS_DataType.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/NTFS_FileRecord.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/NTFS_FileRecord.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/ReadMe.txt -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/stdafx.cpp -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/stdafx.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParser/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParser/targetver.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/NTFS.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/NTFS.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/NTFSParserDLL.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/NTFSParserDLL.cpp -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/NTFSParserDLL.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/NTFSParserDLL.vcxproj -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/NTFSParserDLL.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/NTFSParserDLL.vcxproj.filters -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/NTFS_Attribute.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/NTFS_Attribute.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/NTFS_Common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/NTFS_Common.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/NTFS_DataType.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/NTFS_DataType.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/NTFS_FileRecord.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/NTFS_FileRecord.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/ReadMe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/ReadMe.txt -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/dllmain.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/dllmain.cpp -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/stdafx.cpp -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/stdafx.h -------------------------------------------------------------------------------- /Exfiltration/NTFSParser/NTFSParserDLL/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/NTFSParser/NTFSParserDLL/targetver.h -------------------------------------------------------------------------------- /Exfiltration/Out-Minidump.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Out-Minidump.ps1 -------------------------------------------------------------------------------- /Exfiltration/Usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/Usage.md -------------------------------------------------------------------------------- /Exfiltration/VolumeShadowCopyTools.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Exfiltration/VolumeShadowCopyTools.ps1 -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/LICENSE -------------------------------------------------------------------------------- /Mayhem/Mayhem.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Mayhem/Mayhem.psd1 -------------------------------------------------------------------------------- /Mayhem/Mayhem.psm1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Mayhem/Mayhem.psm1 -------------------------------------------------------------------------------- /Mayhem/Usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Mayhem/Usage.md -------------------------------------------------------------------------------- /Persistence/Persistence.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Persistence/Persistence.psd1 -------------------------------------------------------------------------------- /Persistence/Persistence.psm1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Persistence/Persistence.psm1 -------------------------------------------------------------------------------- /Persistence/Usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Persistence/Usage.md -------------------------------------------------------------------------------- /PowerSploit.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/PowerSploit.psd1 -------------------------------------------------------------------------------- /PowerSploit.psm1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/PowerSploit.psm1 -------------------------------------------------------------------------------- /PowerSploit.pssproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/PowerSploit.pssproj -------------------------------------------------------------------------------- /PowerSploit.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/PowerSploit.sln -------------------------------------------------------------------------------- /Privesc/Get-System.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Privesc/Get-System.ps1 -------------------------------------------------------------------------------- /Privesc/PowerUp.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Privesc/PowerUp.ps1 -------------------------------------------------------------------------------- /Privesc/Privesc.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Privesc/Privesc.psd1 -------------------------------------------------------------------------------- /Privesc/Privesc.psm1: -------------------------------------------------------------------------------- 1 | Get-ChildItem (Join-Path $PSScriptRoot *.ps1) | % { . $_.FullName} 2 | -------------------------------------------------------------------------------- /Privesc/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Privesc/README.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/README.md -------------------------------------------------------------------------------- /Recon/Dictionaries/admin.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/Dictionaries/admin.txt -------------------------------------------------------------------------------- /Recon/Dictionaries/generic.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/Dictionaries/generic.txt -------------------------------------------------------------------------------- /Recon/Dictionaries/sharepoint.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/Dictionaries/sharepoint.txt -------------------------------------------------------------------------------- /Recon/Get-ComputerDetail.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/Get-ComputerDetail.ps1 -------------------------------------------------------------------------------- /Recon/Get-HttpStatus.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/Get-HttpStatus.ps1 -------------------------------------------------------------------------------- /Recon/Invoke-CompareAttributesForClass.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/Invoke-CompareAttributesForClass.ps1 -------------------------------------------------------------------------------- /Recon/Invoke-Portscan.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/Invoke-Portscan.ps1 -------------------------------------------------------------------------------- /Recon/Invoke-ReverseDnsLookup.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/Invoke-ReverseDnsLookup.ps1 -------------------------------------------------------------------------------- /Recon/PowerView.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/PowerView.ps1 -------------------------------------------------------------------------------- /Recon/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/README.md -------------------------------------------------------------------------------- /Recon/Recon.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Recon/Recon.psd1 -------------------------------------------------------------------------------- /Recon/Recon.psm1: -------------------------------------------------------------------------------- 1 | Get-ChildItem (Join-Path $PSScriptRoot *.ps1) | % { . $_.FullName} 2 | -------------------------------------------------------------------------------- /ScriptModification/Out-CompressedDll.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/ScriptModification/Out-CompressedDll.ps1 -------------------------------------------------------------------------------- /ScriptModification/Out-EncodedCommand.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/ScriptModification/Out-EncodedCommand.ps1 -------------------------------------------------------------------------------- /ScriptModification/Out-EncryptedScript.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/ScriptModification/Out-EncryptedScript.ps1 -------------------------------------------------------------------------------- /ScriptModification/Remove-Comment.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/ScriptModification/Remove-Comment.ps1 -------------------------------------------------------------------------------- /ScriptModification/ScriptModification.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/ScriptModification/ScriptModification.psd1 -------------------------------------------------------------------------------- /ScriptModification/ScriptModification.psm1: -------------------------------------------------------------------------------- 1 | Get-ChildItem (Join-Path $PSScriptRoot *.ps1) | % { . $_.FullName} 2 | -------------------------------------------------------------------------------- /ScriptModification/Usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/ScriptModification/Usage.md -------------------------------------------------------------------------------- /Tests/CodeExecution.tests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Tests/CodeExecution.tests.ps1 -------------------------------------------------------------------------------- /Tests/Exfiltration.tests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Tests/Exfiltration.tests.ps1 -------------------------------------------------------------------------------- /Tests/PowerSploit.tests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Tests/PowerSploit.tests.ps1 -------------------------------------------------------------------------------- /Tests/Privesc.tests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Tests/Privesc.tests.ps1 -------------------------------------------------------------------------------- /Tests/Recon.tests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/Tests/Recon.tests.ps1 -------------------------------------------------------------------------------- /docs/AntivirusBypass/Find-AVSignature.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/AntivirusBypass/Find-AVSignature.md -------------------------------------------------------------------------------- /docs/CodeExecution/Invoke-DllInjection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/CodeExecution/Invoke-DllInjection.md -------------------------------------------------------------------------------- /docs/CodeExecution/Invoke-ReflectivePEInjection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/CodeExecution/Invoke-ReflectivePEInjection.md -------------------------------------------------------------------------------- /docs/CodeExecution/Invoke-Shellcode.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/CodeExecution/Invoke-Shellcode.md -------------------------------------------------------------------------------- /docs/CodeExecution/Invoke-WmiCommand.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/CodeExecution/Invoke-WmiCommand.md -------------------------------------------------------------------------------- /docs/Mayhem/Set-CriticalProcess.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Mayhem/Set-CriticalProcess.md -------------------------------------------------------------------------------- /docs/Mayhem/Set-MasterBootRecord.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Mayhem/Set-MasterBootRecord.md -------------------------------------------------------------------------------- /docs/Persistence/Add-Persistence.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Persistence/Add-Persistence.md -------------------------------------------------------------------------------- /docs/Persistence/Get-SecurityPackage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Persistence/Get-SecurityPackage.md -------------------------------------------------------------------------------- /docs/Persistence/Install-SSP.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Persistence/Install-SSP.md -------------------------------------------------------------------------------- /docs/Persistence/New-ElevatedPersistenceOption.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Persistence/New-ElevatedPersistenceOption.md -------------------------------------------------------------------------------- /docs/Persistence/New-UserPersistenceOption.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Persistence/New-UserPersistenceOption.md -------------------------------------------------------------------------------- /docs/Privesc/Add-ServiceDacl.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Add-ServiceDacl.md -------------------------------------------------------------------------------- /docs/Privesc/Enable-Privilege.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Enable-Privilege.md -------------------------------------------------------------------------------- /docs/Privesc/Find-PathDLLHijack.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Find-PathDLLHijack.md -------------------------------------------------------------------------------- /docs/Privesc/Find-ProcessDLLHijack.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Find-ProcessDLLHijack.md -------------------------------------------------------------------------------- /docs/Privesc/Get-ApplicationHost.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-ApplicationHost.md -------------------------------------------------------------------------------- /docs/Privesc/Get-CachedGPPPassword.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-CachedGPPPassword.md -------------------------------------------------------------------------------- /docs/Privesc/Get-ModifiablePath.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-ModifiablePath.md -------------------------------------------------------------------------------- /docs/Privesc/Get-ModifiableRegistryAutoRun.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-ModifiableRegistryAutoRun.md -------------------------------------------------------------------------------- /docs/Privesc/Get-ModifiableScheduledTaskFile.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-ModifiableScheduledTaskFile.md -------------------------------------------------------------------------------- /docs/Privesc/Get-ModifiableService.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-ModifiableService.md -------------------------------------------------------------------------------- /docs/Privesc/Get-ModifiableServiceFile.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-ModifiableServiceFile.md -------------------------------------------------------------------------------- /docs/Privesc/Get-ProcessTokenGroup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-ProcessTokenGroup.md -------------------------------------------------------------------------------- /docs/Privesc/Get-ProcessTokenPrivilege.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-ProcessTokenPrivilege.md -------------------------------------------------------------------------------- /docs/Privesc/Get-RegistryAlwaysInstallElevated.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-RegistryAlwaysInstallElevated.md -------------------------------------------------------------------------------- /docs/Privesc/Get-RegistryAutoLogon.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-RegistryAutoLogon.md -------------------------------------------------------------------------------- /docs/Privesc/Get-ServiceDetail.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-ServiceDetail.md -------------------------------------------------------------------------------- /docs/Privesc/Get-SiteListPassword.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-SiteListPassword.md -------------------------------------------------------------------------------- /docs/Privesc/Get-System.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-System.md -------------------------------------------------------------------------------- /docs/Privesc/Get-UnattendedInstallFile.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-UnattendedInstallFile.md -------------------------------------------------------------------------------- /docs/Privesc/Get-UnquotedService.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-UnquotedService.md -------------------------------------------------------------------------------- /docs/Privesc/Get-WebConfig.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Get-WebConfig.md -------------------------------------------------------------------------------- /docs/Privesc/Install-ServiceBinary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Install-ServiceBinary.md -------------------------------------------------------------------------------- /docs/Privesc/Invoke-PrivescAudit.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Invoke-PrivescAudit.md -------------------------------------------------------------------------------- /docs/Privesc/Invoke-ServiceAbuse.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Invoke-ServiceAbuse.md -------------------------------------------------------------------------------- /docs/Privesc/Invoke-WScriptUACBypass.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Invoke-WScriptUACBypass.md -------------------------------------------------------------------------------- /docs/Privesc/Restore-ServiceBinary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Restore-ServiceBinary.md -------------------------------------------------------------------------------- /docs/Privesc/Set-ServiceBinaryPath.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Set-ServiceBinaryPath.md -------------------------------------------------------------------------------- /docs/Privesc/Test-ServiceDaclPermission.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Test-ServiceDaclPermission.md -------------------------------------------------------------------------------- /docs/Privesc/Write-HijackDll.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Write-HijackDll.md -------------------------------------------------------------------------------- /docs/Privesc/Write-ServiceBinary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Write-ServiceBinary.md -------------------------------------------------------------------------------- /docs/Privesc/Write-UserAddMSI.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/Write-UserAddMSI.md -------------------------------------------------------------------------------- /docs/Privesc/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Privesc/index.md -------------------------------------------------------------------------------- /docs/Recon/Add-DomainGroupMember.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Add-DomainGroupMember.md -------------------------------------------------------------------------------- /docs/Recon/Add-DomainObjectAcl.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Add-DomainObjectAcl.md -------------------------------------------------------------------------------- /docs/Recon/Add-RemoteConnection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Add-RemoteConnection.md -------------------------------------------------------------------------------- /docs/Recon/Convert-ADName.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Convert-ADName.md -------------------------------------------------------------------------------- /docs/Recon/ConvertFrom-SID.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/ConvertFrom-SID.md -------------------------------------------------------------------------------- /docs/Recon/ConvertFrom-UACValue.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/ConvertFrom-UACValue.md -------------------------------------------------------------------------------- /docs/Recon/ConvertTo-SID.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/ConvertTo-SID.md -------------------------------------------------------------------------------- /docs/Recon/Export-PowerViewCSV.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Export-PowerViewCSV.md -------------------------------------------------------------------------------- /docs/Recon/Find-DomainLocalGroupMember.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-DomainLocalGroupMember.md -------------------------------------------------------------------------------- /docs/Recon/Find-DomainObjectPropertyOutlier.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-DomainObjectPropertyOutlier.md -------------------------------------------------------------------------------- /docs/Recon/Find-DomainProcess.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-DomainProcess.md -------------------------------------------------------------------------------- /docs/Recon/Find-DomainShare.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-DomainShare.md -------------------------------------------------------------------------------- /docs/Recon/Find-DomainUserEvent.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-DomainUserEvent.md -------------------------------------------------------------------------------- /docs/Recon/Find-DomainUserLocation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-DomainUserLocation.md -------------------------------------------------------------------------------- /docs/Recon/Find-InterestingDomainAcl.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-InterestingDomainAcl.md -------------------------------------------------------------------------------- /docs/Recon/Find-InterestingDomainShareFile.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-InterestingDomainShareFile.md -------------------------------------------------------------------------------- /docs/Recon/Find-InterestingFile.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-InterestingFile.md -------------------------------------------------------------------------------- /docs/Recon/Find-LocalAdminAccess.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Find-LocalAdminAccess.md -------------------------------------------------------------------------------- /docs/Recon/Get-ComputerDetail.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-ComputerDetail.md -------------------------------------------------------------------------------- /docs/Recon/Get-Domain.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-Domain.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainComputer.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainComputer.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainController.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainController.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainDFSShare.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainDFSShare.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainDNSRecord.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainDNSRecord.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainDNSZone.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainDNSZone.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainFileServer.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainFileServer.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainForeignGroupMember.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainForeignGroupMember.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainForeignUser.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainForeignUser.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainGPO.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainGPO.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainGPOComputerLocalGroupMapping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainGPOComputerLocalGroupMapping.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainGPOLocalGroup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainGPOLocalGroup.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainGPOUserLocalGroupMapping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainGPOUserLocalGroupMapping.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainGroup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainGroup.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainGroupMember.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainGroupMember.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainManagedSecurityGroup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainManagedSecurityGroup.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainOU.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainOU.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainObject.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainObject.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainObjectAcl.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainObjectAcl.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainPolicy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainPolicy.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainSID.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainSID.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainSPNTicket.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainSPNTicket.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainSite.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainSite.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainSubnet.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainSubnet.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainTrust.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainTrust.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainTrustMapping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainTrustMapping.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainUser.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainUser.md -------------------------------------------------------------------------------- /docs/Recon/Get-DomainUserEvent.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-DomainUserEvent.md -------------------------------------------------------------------------------- /docs/Recon/Get-Forest.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-Forest.md -------------------------------------------------------------------------------- /docs/Recon/Get-ForestDomain.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-ForestDomain.md -------------------------------------------------------------------------------- /docs/Recon/Get-ForestGlobalCatalog.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-ForestGlobalCatalog.md -------------------------------------------------------------------------------- /docs/Recon/Get-ForestTrust.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-ForestTrust.md -------------------------------------------------------------------------------- /docs/Recon/Get-HttpStatus.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-HttpStatus.md -------------------------------------------------------------------------------- /docs/Recon/Get-NetComputerSiteName.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-NetComputerSiteName.md -------------------------------------------------------------------------------- /docs/Recon/Get-NetLocalGroup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-NetLocalGroup.md -------------------------------------------------------------------------------- /docs/Recon/Get-NetLocalGroupMember.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-NetLocalGroupMember.md -------------------------------------------------------------------------------- /docs/Recon/Get-NetLoggedon.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-NetLoggedon.md -------------------------------------------------------------------------------- /docs/Recon/Get-NetRDPSession.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-NetRDPSession.md -------------------------------------------------------------------------------- /docs/Recon/Get-NetSession.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-NetSession.md -------------------------------------------------------------------------------- /docs/Recon/Get-NetShare.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-NetShare.md -------------------------------------------------------------------------------- /docs/Recon/Get-PathAcl.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-PathAcl.md -------------------------------------------------------------------------------- /docs/Recon/Get-RegLoggedOn.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-RegLoggedOn.md -------------------------------------------------------------------------------- /docs/Recon/Get-WMIProcess.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-WMIProcess.md -------------------------------------------------------------------------------- /docs/Recon/Get-WMIRegCachedRDPConnection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-WMIRegCachedRDPConnection.md -------------------------------------------------------------------------------- /docs/Recon/Get-WMIRegLastLoggedOn.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-WMIRegLastLoggedOn.md -------------------------------------------------------------------------------- /docs/Recon/Get-WMIRegMountedDrive.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-WMIRegMountedDrive.md -------------------------------------------------------------------------------- /docs/Recon/Get-WMIRegProxy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Get-WMIRegProxy.md -------------------------------------------------------------------------------- /docs/Recon/Invoke-Kerberoast.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Invoke-Kerberoast.md -------------------------------------------------------------------------------- /docs/Recon/Invoke-Portscan.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Invoke-Portscan.md -------------------------------------------------------------------------------- /docs/Recon/Invoke-ReverseDnsLookup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Invoke-ReverseDnsLookup.md -------------------------------------------------------------------------------- /docs/Recon/Invoke-RevertToSelf.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Invoke-RevertToSelf.md -------------------------------------------------------------------------------- /docs/Recon/Invoke-UserImpersonation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Invoke-UserImpersonation.md -------------------------------------------------------------------------------- /docs/Recon/New-DomainGroup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/New-DomainGroup.md -------------------------------------------------------------------------------- /docs/Recon/New-DomainUser.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/New-DomainUser.md -------------------------------------------------------------------------------- /docs/Recon/Remove-RemoteConnection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Remove-RemoteConnection.md -------------------------------------------------------------------------------- /docs/Recon/Resolve-IPAddress.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Resolve-IPAddress.md -------------------------------------------------------------------------------- /docs/Recon/Set-DomainObject.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Set-DomainObject.md -------------------------------------------------------------------------------- /docs/Recon/Set-DomainObjectOwner.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Set-DomainObjectOwner.md -------------------------------------------------------------------------------- /docs/Recon/Set-DomainUserPassword.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Set-DomainUserPassword.md -------------------------------------------------------------------------------- /docs/Recon/Test-AdminAccess.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/Test-AdminAccess.md -------------------------------------------------------------------------------- /docs/Recon/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/Recon/index.md -------------------------------------------------------------------------------- /docs/ScriptModification/Out-CompressedDll.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/ScriptModification/Out-CompressedDll.md -------------------------------------------------------------------------------- /docs/ScriptModification/Out-EncodedCommand.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/ScriptModification/Out-EncodedCommand.md -------------------------------------------------------------------------------- /docs/ScriptModification/Out-EncryptedScript.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/ScriptModification/Out-EncryptedScript.md -------------------------------------------------------------------------------- /docs/ScriptModification/Remove-Comment.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/ScriptModification/Remove-Comment.md -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/docs/index.md -------------------------------------------------------------------------------- /mkdocs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JohnHammond/PowerSploit/HEAD/mkdocs.yml --------------------------------------------------------------------------------