This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| accesschk -w -s -u Users "C:\Program Files" >> programfiles.txt | |
| accesschk -w -s -u Everyone "C:\Program Files" >> programfiles.txt | |
| accesschk -w -s -u "Authenticated Users" "C:\Program Files" >> programfiles.txt | |
| accesschk -w -s -u Interactive "C:\Program Files" >> programfiles.txt | |
| accesschk -w -s -u "This Organization" "C:\Program Files" >> programfiles.txt | |
| accesschk -w -s -u "Authentication authority asserted identity" "C:\Program Files" >> programfiles.txt | |
| accesschk -w -s -u "Mandatory Label\Medium Mandatory Level" "C:\Program Files" >> programfiles.txt | |
| accesschk -w -s -u %username% "C:\Program Files" >> programfiles.txt | |
| accesschk -w -s -u Users "C:\Program Files (x86)" >> programfilesx86.txt |
indented-automation
/ Get-InstalledSoftware.ps1
Last active
July 7, 2025 19:52
Get-InstalledSoftware
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-InstalledSoftware { | |
| <# | |
| .SYNOPSIS | |
| Get all installed from the Uninstall keys in the registry. | |
| .DESCRIPTION | |
| Read a list of installed software from each Uninstall key. | |
| This function provides an alternative to using Win32_Product. | |
| .EXAMPLE | |
| Get-InstalledSoftware |
LawrenceHwang
/ get-tasklist.ps1
Last active
September 9, 2019 21:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .Synopsis | |
| A wrapper for the tasklist /v /s COMPUTERNAME | |
| .DESCRIPTION | |
| This is a wrapper for the tasklist command. In the case PowerShell remoting is not available, this cmdlet would be useful to gather the process infromation. | |
| #> | |
| function Get-Tasklist | |
| { | |
| [CmdletBinding()] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Logparser | |
| ############### | |
| # Security Log | |
| ############### | |
| # Find Event id | |
| & 'C:\Program Files (x86)\Log Parser 2.2\LogParser.exe' -stats:OFF -i:EVT "SELECT * FROM 'Security.evtx' WHERE EventID = '5038'" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Security log | |
| #============ | |
| #### | |
| #4624 - Logon & Logoff events successful | |
| #4625 - Logon unsucceful | |
| #### | |
| # Get usernames | |
| Get-WinEvent -path .\Security.evtx | Where {$_.id -eq "4624"} | Foreach {([xml]$_.ToXml()).GetElementsByTagName("Data").ItemOf(5)}| Select -ExpandProperty "#text" -Unique | |
| # Get domains |
NewerOlder