Posts Tagged ‘win32’

PoshInternals – Get-Dll

The ListDlls SysInternals tool is used to list the DLLs that are loaded into processes on the system. It can return the DLLs for all processes or for a single process, or return the processes that contain a particular DLL. It also has the ability to flag DLLs that are rebased and unsigned. Most of this functionality is [...]

PoshInternals – Move-FileOnReboot, Remove-FileOnReboot and Get-PendingFileRenameOperation

Other posts found in this series: PoshInternals – Get-Handle. Another cool tool in the SysInternals suite is MoveFile and PendMoves. Rather than moving the file immediately, the tool is used to move, rename or delete a file on restart. The Session Manager looks at a special registry key to determine which files are candidates [...]

PoshInternals – Get-Handle

Other posts found in this series: PoshInternals – Move-FileOnReboot, Remove-FileOnReboot, Get-PendingFileRenameOperation. The SysInternals suite is a collection of tools authored by Mark Russinovich. The tools offer all kinds of deep system analysis for Windows. Some of the most commonly used tools include Process Explorer, Process Monitor and psexec. I use them all the time. After much [...]

Using Unregistered COM Objects in PowerShell

PowerShell interoperates with COM components beautifully. It’s very easy to instantiate a COM object and discover what it can do. This makes working with legacy systems much easier. One problem with COM is that it requires a component to be registered on the system before it can be used, which in turn requires administrative privileges. Recently, I have [...]

Detouring Win32 Function Calls in PowerShell

Detouring Win32 API function calls is a more common practice than some may think. A long-standing Microsoft Research project has made this very easy in unmanaged code. The Detours project injects a hook between a process and a Windows library (or any library, for that matter). So when the process goes to call [...]