carlospolop
|
0d890a4140
|
quick fix
|
2021-03-05 01:16:44 +00:00 |
|
kali
|
fffcbb18ba
|
improved services permissions checks
|
2021-03-04 19:40:08 -05:00 |
|
makikvues
|
6bfe947250
|
- introduced PermissionType - DEFAULT, EADABLE_OR_WRITABLE, WRITEABLE_OR_EQUIVALENT
- added AllowUnsafeBlocks for all configurations
|
2021-03-04 19:49:29 +01:00 |
|
makikvues
|
343b8bb96b
|
- refactoring/cleanup
- added .net versions check
- added PrintMappedDrivesWMI
- added PrintMicrosoftUpdatesCOM
- added PrintSystemLastShutdownTime
- added PrintCurrentUserIdleTime
- added PowerShell Core Version check
- updated ListCloudCreds
- updated GetMcAfeeSitelistFiles
- added PrintMachineAndUserCertificateFiles
|
2021-02-07 23:13:14 +01:00 |
|
makikvues
|
fb17429f67
|
- refactoring / cleanup - moved all native external methods to /Native folder/classes
- added new event checks - Explicit Logon Events, Logon Events, PowerShell Events, Process Creation Events
- added PrintSecurityPackagesCredentials check
- added Windows Defender enumeration
|
2021-02-03 21:54:20 +01:00 |
|
makikvues
|
27e8867236
|
- cleanup
- fixed using on IDisposables
|
2021-01-25 23:52:29 +01:00 |
|
makikvues
|
9dd1fdbc95
|
- scheduled tasks rewrite - cleanup, excluding also Microsoft from Path; skipping failed scheduled tasks
- added total execution time for debugging purposes
- bugfixes
- GetEverLoggedUsers() - skipping users which could not be translated
|
2021-01-18 22:12:01 +01:00 |
|
makikvues
|
e16234b773
|
- refactoring & cleanup
- TODO: first version of AppLocker implementation
- CredentialManager implementation
- added check of LsaCompatiblityLevel
- updated GetAutoRunsFolder
- updated PrintTranscriptPS
|
2021-01-17 23:38:39 +01:00 |
|
makikvues
|
448a1aaf5b
|
- fixed getting data from clipboard
- fixed GetExecutableFromPath
- unified exception logging
- cleanup
|
2021-01-14 23:50:19 +01:00 |
|
makikvues
|
2f467a3405
|
- huge refactoring
|
2021-01-10 14:46:34 +01:00 |
|