IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [powershell]

task automation and configuration management CLI for Windows, the first release was in Windows XP SP2 in 2006

PowerShell is a CLI on Windows like CMD but it has enhanced functionality, since it was build up to create management scripts and automate system tasks.

89 questions
2
votes
1 answer

Block AzureRM PowerShell Module

Is there a way to block AzureRM PowerShell module commands from being executed by certain Azure AD users somewhere in Azure group policy? Or is there a way to do this with PowerShell tools?
C.J. May
  • 23
  • 4
2
votes
2 answers

How do you find out if your PC is reverse shelled?

I am just wondering, how do you find out is your PC is reverse shelled or not? Does your antivirus protect against it?
Marinaro
  • 21
  • 1
2
votes
2 answers

Admins running Powershell from their desktop instead of server

What security issues are presented by letting server admins in a corporate environment run PowerShell scripts from their local desktop rather than from the server? I am not a server guru by any means so I am curious what potential security issues…
mischievouspasta
  • 29
  • 1
2
votes
2 answers

Missing Powershell Logging Options in Group Policy Editor

I have configured a Windows 7 domain workstation and a Windows server 2012r2 server as the domain controller. After fully updating both machines, I followed the instructions here: https://msdn.microsoft.com/en-us/powershell/wmf/5.0/requirements to…
Beetle
  • 303
  • 2
  • 9
1
vote
1 answer

PowerShell / Windows - Security best practices for enabling Windows Remote Management

As the title indicates, I'm looking for industry best practices for enabling Windows Remote Management on a mix of Windows Servers (from 2000, 2003, 2008/R2 and 2012) to allow PowerShell to execute commands on a remote server. What are some security…
maxflipz
  • 11
  • 2
1
vote
0 answers

Is it safe to disable certificate checking?

I am developing a web API, which runs only on my local computer, and using PowerShell to test it. Here is an example test: $baseUri = 'https://localhost:5001' $body = '{ "title": "Lofi Guitar Loop", "preview": "/media/mp3/21-10-06.mp3", …
Matt Cassinelli
  • 11
  • 1
1
vote
0 answers

Intercept API calls of powershell module

I am looking at a way to intercept the API call made by the AzureAD powershell module. Wireshark is not able to decrypt the TLS packets sent and I'd also like to work with the HTTP requests rather than single packets. So my question is: is there a…
LucaBonadia
  • 11
  • 3
1
vote
1 answer

How to run PrintSpoofer in memory from powershell?

PrintSpoofer uses named pipe impersonation to elevate on Windows 10 to SYSTEM from a user with SeImpersonatePrivilege (Local Service, Network Service, Administrator etc.). The compiled version is detected by Windows Defender, therefore it would be…
PaperTsar
  • 123
  • 5
1
vote
1 answer

Possible to create a self-signed certificate with AIA extension using PowerShell or openssl?

I am able to use the PowerShell New-SelfSignedCertificate cmdlet to create a self-signed cert just fine, but I'd like to create one with an AIA extension and give it an OCSP responder URL. There is a cmdlet parameter called -Extension, but the docs…
ericOnline
  • 297
  • 2
  • 6
1
vote
1 answer

Learn Bash or Powershell for Security Work?

Is Bash more commonly used in security work than PowerShell? If so, why? (Now that Powershell can be used on Linux) I tried to Google around for an answer on this, and the only questions we seem to have here are quite different, e.g.: What should I…
VSO
  • 523
  • 1
  • 5
  • 10
1
vote
1 answer

How does one tighten up their git repo security for Powershell?

Back when I was a Java developer, we used to use build.properties or build.xml to store sensitive information outside of the VCS and just add the file with whatever passwords would go in it after check out. But that's pretty language specific to…
leeand00
  • 1,297
  • 1
  • 13
  • 21
1
vote
2 answers

Getting an Interactive Powershell Reverse Shell Using socat

I've read that socat is capable of creating interactive shells. I'd like to create an interactive Powershell shell. Kali Listener # socat - tcp4-listen:1338 Windows (socat.exe used from here:…
RandomDisplayName45463
  • 11
  • 3
1
vote
0 answers

Calling Powershell script from external program passing an argument

I have an external program which calls a PowerShell script with a random secret identifier as a single argument. The PowerShell script needs to return the same random secret id when it calls the REST client on the external program. Even though the…
Geo V
  • 11
  • 2
1
vote
0 answers

gpg won't find public key if not in interactive session

How to make imported public key available after logging off? I have a Powershell process that encrypts the file (recipient was masked): Start-Process "gpg.exe" -ArgumentList "--batch --yes --always-trust --recipient 3******D --log-file l.txt…
bigder
  • 11
  • 1
1
vote
2 answers

What causes Windows security logs saying an attempt was made to reset an account's password?

This falls under the category of eliminating what might be normal activity from my attention. I'm looking at Windows 7 security event logs. I don't have context to know if the following event is a normal occurrence. It happens 10 times a day or…
mcgyver5
  • 6,807
  • 2
  • 24
  • 45
1 2
3
4 5 6