/sandbox-attacksurface-analysis-tools

Switch branches/tags
Nothing to show
Find file History
sandbox-attacksurface-analysis-tools/NtObjectManager/
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
..
Failed to load latest commit information.
Properties Updated versions. Oct 11, 2017
en-US
CommonAccessBaseCmdlet.cs
Formatters.ps1xml Added manifest processing as a PS function. Aug 22, 2017
GenericObjectSecurity.cs
GetAccessibleDeviceCmdlet.cs Added simple named pipe access cmdlet. Jun 12, 2017
GetAccessibleFileCmdlet.cs Added simple named pipe access cmdlet. Jun 12, 2017
GetAccessibleHandle.cs Added Get-AccessibleHandle cmdlet. Oct 11, 2017
GetAccessibleKeyCmdlet.cs
GetAccessibleNamedPipeCmdlet.cs
GetAccessibleObjectCmdlet.cs
GetAccessibleProcessCmdlet.cs fix init SessionId in GetAccessibleProcessCmdlet.cs Sep 4, 2017
GetAccessibleServiceCmdlet.cs
NtDirectoryCmdlets.cs
NtDirectoryEntry.cs Refactoring to add non-throwing open/create calls. Jun 8, 2017
NtEventCmdlets.cs
NtFileCmdlets.cs
NtHandleCmdlets.cs
NtJobCmdlets.cs
NtKeyCmdlets.cs
NtMutantCmdlets.cs Fix header comments. Nov 1, 2016
NtObjectCmdlets.cs
NtObjectManager.csproj Added Get-AccessibleHandle cmdlet. Oct 11, 2017
NtObjectManager.psd1 Updated versions. Oct 11, 2017
NtObjectManager.psm1 Added Get-NtFilePath function and fixed some issues with the script. Aug 31, 2017
NtObjectManagerProvider.cs
NtProcessCmdlets.cs
NtSectionCmdlets.cs
NtSecurityCmdlets.cs
NtSemaphoreCmdlets.cs
NtSymbolicLinkCmdlet.cs
NtThreadCmdlets.cs
NtTokenCmdlets.cs
NtTypesCmdlets.cs
NtWaitCmdlets.cs Fix mistakes in help file. Apr 3, 2017
ObjectManagerProvider.cs
Readme.txt
packages.config Work on moving many of the access check tools into the powershell mod… Jun 6, 2017

Readme.txt 

NtObjectManager - Managed .NET Powershell Module

(c) Google Inc. 2015, 2016, 2017
Developed by James Forshaw

You can load the using the Import-Module Cmdlet. You'll need to disable signing 
requirements however.

For example copy the module to %USERPROFILE%\Documents\WindowsPowerShell\Modules
then load the module with:

Import-Module NtObjectManager

You can now do things like listing the NT object manager namespace using:

Get-ChildItem NtObject:\

Also see help for various commons such as Get-NtProcess, Get-NtType or New-File.

Patches are welcome to add missing functions or fix bugs, see the CONTRIBUTING file 
in the root of the solution.

Thanks to the people who were willing to test it and give feedback:
* Matt Graeber
* Lee Holmes
* Casey Smith
* Jared Atkinson