search

PowerShell Snippets

Bypass application whitelisting and CLM with runscripthelper and WMIchevron-rightCreate fake PowerShell logschevron-rightEnumerate AD ACLschevron-rightEnumerate WMI eventschevron-rightEnumerate Domain Trustschevron-rightEnumerate change metadatachevron-rightEnumerate non-signed service binarieschevron-rightEnumerate with GPOschevron-rightFind signed alternate PowerShell hostschevron-rightGet AMSI modulechevron-rightGroup processes by user with WMIchevron-rightHide processes from Get-Processchevron-rightMalware re-purposing with PowerShell reflectionchevron-rightMonitor PowerShell hosts with WMIchevron-rightPowerShell reflection offensive use-casechevron-rightQuery PowerShell alternative hosts with WMIchevron-rightRetrieve file certificatechevron-rightSearch LDAP for misconfigurationschevron-rightSign custom code with PowerShellchevron-rightWMI service creationchevron-rightWeak folder permission enumerationchevron-right
PreviousInterfacing with ADNextBypass application whitelisting and CLM with runscripthelper and WMI