Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/truekonrads/powerspells
Small collection of powershell scripts useful during lateral movement
https://github.com/truekonrads/powerspells
pentest-scripts powershell-script red-team
Last synced: 25 days ago
JSON representation
Small collection of powershell scripts useful during lateral movement
- Host: GitHub
- URL: https://github.com/truekonrads/powerspells
- Owner: truekonrads
- License: bsd-3-clause
- Created: 2018-02-16T16:23:50.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2018-03-07T18:35:54.000Z (almost 7 years ago)
- Last Synced: 2024-08-03T23:08:31.835Z (4 months ago)
- Topics: pentest-scripts, powershell-script, red-team
- Language: PowerShell
- Size: 10.7 KB
- Stars: 5
- Watchers: 3
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-security-collection - **2**星
README
# powerspells
Small collection of powershell scripts useful during lateral movement
## Find-InterestingFiles
Look for keywords in files and package them for exfil. The "LocationIsServer" allows you to specify a file share (e.g. \\myserver) and it will pillage all shares
```
FindInterestingFiles 'C:\secrets' -packfiles $true -compress $true -outputfile here.bin
```
(decompress with gunzip)
## ADQuery
Ask Something of Active Directory (thin LDAP wrapper)
```
(AdQuery -ldapflter $ldapfilter).FindAll() | % {$_.Properties | Convert-LDAPProperty }
```
## FindVeryActiveComputers
Look for computers logged on to AD with their computer account in last 8 hours
```
FindVeryActiveComputers -osversion "*"
```
## OneObject
Fetch one object matching a filter
```
OneObject -ldapfilter "(name=truekonrads)"
```