Posts Tagged ‘windows’

PoshInternals – Get-Handle

Other posts found in this series: PoshInternals – Move-FileOnReboot, Remove-FileOnReboot, Get-PendingFileRenameOperation. The SysInternals suite is a collection of tools authored by Mark Russinovich. The tools offer all kinds of deep system analysis for Windows. Some of the most commonly used tools include Process Explorer, Process Monitor and psexec. I use them all the time. After much […]

Hooking a Remote Process and Stealing a Password in PowerShell

In my last post we looked at how to hook the local PowerShell process and adjust the date by hooking the GetSystemTimeAsFileTime WinAPI function. This was accomplished using EasyHook, a detouring library similar to Microsoft Detours. In this post I’ll show you how to hook a remote process and inject our own implementation of a […]

Microsoft Windows PowerShell 3.0 First Look has been released!

I’m happy to announce that my first book, Microsoft Windows PowerShell 3.0 First Look, has been released! If you pre-ordered, you should be receiving your book shortly. I’m excited to hear feedback. Please feel free to comment or email me or Packt. I’d like to thank all the editors that helped get this book off […]

Fun with CIM Associations

I have been playing with the new CIM cmdlets in PowerShell 3.0. They are really handy and I am excited to see what Microsoft does with NanoWBEM. It will be really cool to use this technology outside of the Windows stack. I have known how cool WMI and CIM have been for a while but seeing […]