Skip to content


Folders and files

Last commit message
Last commit date

Latest commit


Repository files navigation

PoshSec PowerShell Module

  • Release 2.0-Pre
  • License BSD 3-Clause

PoshSec 2.0 is expected to be released October 2017.

New in this release

New Features

  • Get-SecADComputerInventory - Gets all computer objects inside users Active Directory domain.
  • Get-SecAllADAccount - Gets all accounts in an Active Directory domain.
  • Get-SecDomainAdmins - Gets domain admins from current or specified domain.
  • New Auditing Sub Module. Commands include
    • Get-SecNewProcessCreation - Checks the Security Event Log for Process Creation Events.
  • New Intrusion Detection Sub Module
    • New-HoneyToken - Inject artificial credentials into LSASS.

Quality of life improvements

  • All commands have full and updated help.
  • New module structure. Release includes Pester test files.
  • Removed PowerShell 2.0 Support
Features removed in this release
  • Get-SecAllAccounts - Changed name and rewrote as Get-SecAllADAccount
  • Forensics Functions - With the amazing PowerForensics module, we hope that if you want to add items related to forensics you would submit a pull request to that project.
Installing PoshSec
  1. Download module
  2. Unblock .zip file
  3. Extract module files to $env:userprofile\Documents\WindowsPowerShell\Modules
  4. Launch PowerShell
  5. Import Module
Import-Module -Name PoshSec -Force
Project Information

The project maintains a Kanban board that anyone can view. You can view the board at You can get features added to the board by emailing Matt Johnson or filing an issue on our Github page.

Pester Tests

Build status

Issues Status

Stories in Ready Backlog

Community Information