WMI Classes (detailed)

 

Win32 Classes (Windows)

Windows Post Exploitation Cmdlets Execution (PowerShell)

Presence

This section focuses on information gathering about the victim host and the network that it’s attached to.

System

shows-all-current-environmental-variables-macos

WMI

Networking

Users

Configs

Finding important files

Files to pull

Remote system access

Software

Auto­Start directories


Persistance

This section focuses on gaining a foothold to re­gain, or re­obtain access to a system through means of authentication, backdoors, etc..

Download

Compress or expand ZIP archive

Reg command exit

Deleting logs

Uninstalling software „Antivirus“

Invasive or altering commands

ADB Shell Commands

The Android Debug Bridge (adb) provides a Unix shell that you can use to run a variety of commands on an emulator or connected device.

 

ADB Shell Commands

http://developer.android.com/intl/es/tools/help/shell.html


 

Issuing Shell Commands

You can use the shell command to issue commands, with or without entering the adb remote shell on the emulator/device. To issue a single command without entering a remote shell, use the shell command like this:

 

List of all attached device

 

Download a specified file from an device to your computer

 

Upload a specified file from your computer to an device

 

List directory contents

 

Change directory

 

Remove files or directories

 

Make directories

 

Create empty file

 

Current working directory location

 

Copy files and directories

 

Move or rename files

 

Starts (restarts) an emulator/device instance

 

Stops execution of an emulator/device instance

 

Prints kernel debugging messages to the screen

 

Show/manipulate routing, devices, policy routing and tunnels

 

Network statistics

 

Network connection tool

 

Test the connection and latency between two network connection

 

Using activity manager (am)

Activity manager (am) tool to perform various system actions, such as start an activity, force-stop a process, broadcast an intent, modify the device screen properties, and more. While in a shell, the syntax is:

Available activity manager commands:

Start an Activity specified by <INTENT>.

Start the Service specified by <INTENT>.

Kill all processes associated with <PACKAGE>

 

Using package manager (pm)

Within an adb shell, you can issue commands with the package manager (pm) tool to perform actions and queries on application packages installed on the device. While in a shell, the syntax is:

Available activity manager commands:

Prints all packages, optionally only those whose package name contains the text in <FILTER>.

Prints all known permission groups

Prints all known permissions, optionally only those in <GROUP>

Prints all features of the system

Prints all users on the system

Installs a package (specified by <PATH>) to the system

 

Taking a device screenshot

The screencap command is a shell utility for taking a screenshot of a device display. While in a shell, the syntax is:

 

Recording a device screen

The screenrecord command is a shell utility for recording the display of devices running Android 4.4 (API level 19) and higher. The utility records screen activity to an MPEG-4 file.

 

List of all the available shell programs

 

More commands

 

Mover un objeto en JavaScript usando el teclado

Mover un objeto en JavaScript usando el teclado

Herramienta de desarrollo console

 

Seguridad informática con PowerShell

Introducción

  • Confidencialidad

  • Integridad

  • Disponibilidad
  • Autenticación
  • No repudio

Seguridad física

  • Analizar el hardware de los equipos de la empresa

  • Ver dispositivos conectados (móviles, almacenamiento USB, etc.)


Seguridad lógica

  • Ver información sobre usuarios y grupos (usuario que ha iniciado sesión)

  • Crear usuarios y grupos (procedimiento de creación)

  • Analizar el software de los equipos de la empresa

  • Analizar los programas que están instalados en los equipos de la empresa y ver la relación que tienen con los procesos y servicios

  • Analizar los programas que están instalados en los equipos de la empresa y ver la relación que tienen con los procesos y servicios (también se pueden analizar hilos)

  • Ver las actualizaciones instaladas en el sistema

  • Procesos que se están ejecutando

  • Ruta de ejecución de los procesos

  • Procesos y usuarios

  • Procesos y conexiones de red

UDP

TCP

  • Servicios y conexiones de red

UDP

 

TCP

 


Antivirus

  • Analizar

  • Definiciones


Copias de seguridad

  • Realizar y restaurar copias de seguridad


Red

  • Escanear equipos

  • Monitorizar

  • Logs


Criptografía

  • Cifrar y descifrar

Cifrar

Descifrar


Forense

  • Analizar sistema de archivos (rutas, fechas, etc.)

  • Artefactos

  • Crear un fichero de volcado de memoria de un proceso