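A CobaltStrike script that uses multiple WinAPI calls for persistence, including setting up system services, setting scheduled tasks, and managing users via API.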
Updated Jan 18, 2022 - PowerShell
📚 Large base of PowerShell notes in Russian (Cheat Sheet & Documentation).
PowerEvents is a PowerShell module that assists in the registration of WMI permanent event subscriptions.
PowerShellUtilities provides various utility commandlets.
Remote Shadow Administrator (GUI form for remote connect to users)
PowerShell Module for managing the MEMCM client
This PowerShell module contains functions for creating and managing WMI Namespaces, Classes and Instances.
Invoke-KleptoKitty - Deploys Payloads and collects credentials
REST API and Web server based on .NET HttpListener and backend PowerShell Core for Windows remote management via Web browser or curl from Linux
This is a collection of all my scripts over a 13+ year time period. Languages: Bash/sh, HTML, JS, SQL, Perl, PHP, Python, PowerShell, CMD(Batch), WMI, Wsh, Docker/docker-compose.yml conf, Nginx (.conf)
Asynchronous Remote Evidence Retrieval for rapid network-wide threat hunting
Module for local and remote acquisition of temperature, load and other system sensor data, for implementing monitoring via InfluxDB and Grafana
Svendsen Tech's Gwmi-Async.ps1 is an asynchronous wrapper around Get-WmiObject, compatible with PSv2, that also handles errors and timeouts gracefully. It is designed to retrieve and collect data from a (potentially large) list of computers. A custom XML parser that's very flexible goes with it.
ProcessBouncer is a simple but effective PowerShell-based tool for blocking malware with a process-based approach. ProcessBouncer is not comparable to a full-fledged antivirus product but it can act as an additional line of defense.
Access help for .NET and CIM (WMI) objects from the console.
Wrote this for an Enterprise environment that has both Windows 7 and Windows 10 computers. It works (atm) for both. Something quick and dirty if I needed to replace a remote client, and wanted to get a list of the installed software.
Fetch and print key Windows system info