├── LICENSE ├── README.md ├── appendix_a └── appendix_a_listings.ps1 ├── chapter_10 ├── chapter_10_listings.ps1 ├── listing_10_16.ps1 ├── listing_10_17.ps1 ├── listing_10_20.ps1 ├── listing_10_21_to_10_34.ps1 ├── listing_10_3.ps1 ├── listing_10_35_to_10_36.ps1 ├── listing_10_40.ps1 ├── listing_10_6.ps1 └── listing_10_8.ps1 ├── chapter_11 ├── chapter_11_listings.ps1 └── listing_11_7.ps1 ├── chapter_12 ├── chapter_12_listings.ps1 ├── listing_12_10.ps1 ├── listing_12_11.ps1 ├── listing_12_12.ps1 ├── listing_12_2.ps1 ├── listing_12_4.ps1 └── listing_12_9.ps1 ├── chapter_13 ├── chapter_13_listings.ps1 ├── listing_13_12.ps1 ├── network_protocol_client.ps1 ├── network_protocol_common.psm1 └── network_protocol_server.ps1 ├── chapter_14 ├── chapter_14_listings.ps1 └── listing_14_32.ps1 ├── chapter_15 ├── chapter_15_listings.ps1 ├── get_server_cert.ps1 ├── listing_15_13.ps1 ├── listing_15_23_to_15_26.ps1 └── listing_15_27_to_15_29.ps1 ├── chapter_2 └── chapter_2_listings.ps1 ├── chapter_3 └── chapter_3_listings.ps1 ├── chapter_4 ├── chapter_4_listings.ps1 ├── listing_4_29.ps1 └── listing_4_35.ps1 ├── chapter_5 └── chapter_5_listings.ps1 ├── chapter_6 ├── chapter_6_listings.ps1 ├── listing_6_1.ps1 └── listing_6_45.ps1 ├── chapter_7 ├── chapter_7_access_check_impl.psm1 ├── chapter_7_listings.ps1 ├── listing_7_14.ps1 ├── listing_7_32.ps1 └── listing_7_33.ps1 ├── chapter_8 └── chapter_8_listings.ps1 └── chapter_9 └── chapter_9_listings.ps1 /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/README.md -------------------------------------------------------------------------------- /appendix_a/appendix_a_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/appendix_a/appendix_a_listings.ps1 -------------------------------------------------------------------------------- /chapter_10/chapter_10_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_10/chapter_10_listings.ps1 -------------------------------------------------------------------------------- /chapter_10/listing_10_16.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_10/listing_10_16.ps1 -------------------------------------------------------------------------------- /chapter_10/listing_10_17.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_10/listing_10_17.ps1 -------------------------------------------------------------------------------- /chapter_10/listing_10_20.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_10/listing_10_20.ps1 -------------------------------------------------------------------------------- /chapter_10/listing_10_21_to_10_34.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_10/listing_10_21_to_10_34.ps1 -------------------------------------------------------------------------------- /chapter_10/listing_10_3.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_10/listing_10_3.ps1 -------------------------------------------------------------------------------- /chapter_10/listing_10_35_to_10_36.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_10/listing_10_35_to_10_36.ps1 -------------------------------------------------------------------------------- /chapter_10/listing_10_40.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_10/listing_10_40.ps1 -------------------------------------------------------------------------------- /chapter_10/listing_10_6.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_10/listing_10_6.ps1 -------------------------------------------------------------------------------- /chapter_10/listing_10_8.ps1: -------------------------------------------------------------------------------- 1 | #Requires -RunAsAdministrator 2 | 3 | # Listing 10-8 4 | Get-NtAccountRight -Type Logon -------------------------------------------------------------------------------- /chapter_11/chapter_11_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_11/chapter_11_listings.ps1 -------------------------------------------------------------------------------- /chapter_11/listing_11_7.ps1: -------------------------------------------------------------------------------- 1 | #Requires -RunAsAdministrator 2 | 3 | # Listing 11-7 4 | Get-LsaPrivateData '$MACHINE.ACC' | Out-HexDump -ShowAll -------------------------------------------------------------------------------- /chapter_12/chapter_12_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_12/chapter_12_listings.ps1 -------------------------------------------------------------------------------- /chapter_12/listing_12_10.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_12/listing_12_10.ps1 -------------------------------------------------------------------------------- /chapter_12/listing_12_11.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_12/listing_12_11.ps1 -------------------------------------------------------------------------------- /chapter_12/listing_12_12.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_12/listing_12_12.ps1 -------------------------------------------------------------------------------- /chapter_12/listing_12_2.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_12/listing_12_2.ps1 -------------------------------------------------------------------------------- /chapter_12/listing_12_4.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_12/listing_12_4.ps1 -------------------------------------------------------------------------------- /chapter_12/listing_12_9.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_12/listing_12_9.ps1 -------------------------------------------------------------------------------- /chapter_13/chapter_13_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_13/chapter_13_listings.ps1 -------------------------------------------------------------------------------- /chapter_13/listing_13_12.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_13/listing_13_12.ps1 -------------------------------------------------------------------------------- /chapter_13/network_protocol_client.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_13/network_protocol_client.ps1 -------------------------------------------------------------------------------- /chapter_13/network_protocol_common.psm1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_13/network_protocol_common.psm1 -------------------------------------------------------------------------------- /chapter_13/network_protocol_server.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_13/network_protocol_server.ps1 -------------------------------------------------------------------------------- /chapter_14/chapter_14_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_14/chapter_14_listings.ps1 -------------------------------------------------------------------------------- /chapter_14/listing_14_32.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_14/listing_14_32.ps1 -------------------------------------------------------------------------------- /chapter_15/chapter_15_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_15/chapter_15_listings.ps1 -------------------------------------------------------------------------------- /chapter_15/get_server_cert.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_15/get_server_cert.ps1 -------------------------------------------------------------------------------- /chapter_15/listing_15_13.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_15/listing_15_13.ps1 -------------------------------------------------------------------------------- /chapter_15/listing_15_23_to_15_26.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_15/listing_15_23_to_15_26.ps1 -------------------------------------------------------------------------------- /chapter_15/listing_15_27_to_15_29.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_15/listing_15_27_to_15_29.ps1 -------------------------------------------------------------------------------- /chapter_2/chapter_2_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_2/chapter_2_listings.ps1 -------------------------------------------------------------------------------- /chapter_3/chapter_3_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_3/chapter_3_listings.ps1 -------------------------------------------------------------------------------- /chapter_4/chapter_4_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_4/chapter_4_listings.ps1 -------------------------------------------------------------------------------- /chapter_4/listing_4_29.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_4/listing_4_29.ps1 -------------------------------------------------------------------------------- /chapter_4/listing_4_35.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_4/listing_4_35.ps1 -------------------------------------------------------------------------------- /chapter_5/chapter_5_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_5/chapter_5_listings.ps1 -------------------------------------------------------------------------------- /chapter_6/chapter_6_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_6/chapter_6_listings.ps1 -------------------------------------------------------------------------------- /chapter_6/listing_6_1.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_6/listing_6_1.ps1 -------------------------------------------------------------------------------- /chapter_6/listing_6_45.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_6/listing_6_45.ps1 -------------------------------------------------------------------------------- /chapter_7/chapter_7_access_check_impl.psm1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_7/chapter_7_access_check_impl.psm1 -------------------------------------------------------------------------------- /chapter_7/chapter_7_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_7/chapter_7_listings.ps1 -------------------------------------------------------------------------------- /chapter_7/listing_7_14.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_7/listing_7_14.ps1 -------------------------------------------------------------------------------- /chapter_7/listing_7_32.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_7/listing_7_32.ps1 -------------------------------------------------------------------------------- /chapter_7/listing_7_33.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_7/listing_7_33.ps1 -------------------------------------------------------------------------------- /chapter_8/chapter_8_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_8/chapter_8_listings.ps1 -------------------------------------------------------------------------------- /chapter_9/chapter_9_listings.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tyranid/windows-security-internals/HEAD/chapter_9/chapter_9_listings.ps1 --------------------------------------------------------------------------------