PowerShell
Articles
Explore by topic:
Exfiltrate NTLM Hashes with PowerShell Profiles
The privilege escalation method shown in this article is a variant used by Russian-based espionage groups. It outlines an attacker’s ability to leverage built-in PowerShell features to execute arbitrary commands...
How to Connect to Office 365 PowerShell: Azure AD Modules
This post will cover how to connect PowerShell to Office 365 (Azure Active Directory (Azure AD)), which manages Microsoft 365 tenant identities and licenses. I will also cover connecting to...
Windows Management Instrumentation (WMI) Guide: Understanding WMI Attacks
Windows Management Instrumentation (WMI) is a subsystem of PowerShell that gives admins access to powerful system monitoring tools. Though this system has been designed to allow for fast, efficient system...
PowerShell Array Guide: How to Use and Create
Arrays are a fundamental feature of PowerShell. Arrays make it possible to ingest, manipulate and output true data structures (and not just raw strings). This capability makes PowerShell different and...
Insider Threats: Hard Lessons From WMI Eventing and Surveillance
Last time, we explored how a hypothetical insider could use the Windows Management Interface (WMI) and its eventing system to surveil other employees. No, I’m not the first person to...
Windows PowerShell Scripting Tutorial For Beginners
Windows PowerShell is a powerful tool for automating tasks and simplifying configuration and can be used to automate almost any task in the Windows ecosystem, including active directory and exchange....
How To Use PowerShell for Privilege Escalation with Local Computer Accounts
Privilege escalation is when an attacker is able to exploit the current rights of an account to gain additional, unexpected access. While this can be caused by zero-day vulnerabilities, state-level...
Windows PowerShell vs. CMD: What’s The Difference?
Back in the day, booting the then-cutting-edge IBM 8086 from the floppy brought you to a green text screen with a cursor blinking at the familiar C:\> prompt. Hacking boot.ini...
How to use PowerShell Objects and Data Piping
This article is a text version of a lesson from our PowerShell and Active Directory Essentials video course (use code ‘blog’ for free access). The course has proven to be...
How To Get Started with PowerShell and Active Directory Scripting
This article is a text version of a lesson from our PowerShell and Active Directory Essentials video course (use code ‘blog’ for free access). The course has proven to be...