mirror of
https://github.com/socfortress/Wazuh-Rules.git
synced 2025-11-01 12:23:32 +00:00
123 lines
2.4 KiB
Plaintext
123 lines
2.4 KiB
Plaintext
Export-PowerViewCSV:
|
|
Get-IPAddress:
|
|
Resolve-IPAddress:
|
|
Convert-NameToSid:
|
|
ConvertTo-SID:
|
|
Convert-ADName:
|
|
ConvertFrom-UACValue:
|
|
Add-RemoteConnection:
|
|
Remove-RemoteConnection:
|
|
Invoke-UserImpersonation:
|
|
Invoke-RevertToSelf:
|
|
Request-SPNTicket:
|
|
Get-DomainSPNTicket:
|
|
Invoke-Kerberoast:
|
|
Get-PathAcl:
|
|
Get-DNSZone:
|
|
Get-DomainDNSZone:
|
|
Get-DNSRecord:
|
|
Get-DomainDNSRecord:
|
|
Get-NetDomain:
|
|
Get-Domain:
|
|
Get-NetDomainController:
|
|
Get-DomainController:
|
|
Get-NetForest:
|
|
Get-Forest:
|
|
Get-NetForestDomain:
|
|
Get-ForestDomain:
|
|
Get-NetForestCatalog:
|
|
Get-ForestGlobalCatalog:
|
|
Find-DomainObjectPropertyOutlier:
|
|
Get-NetUser:
|
|
Get-DomainUser:
|
|
New-DomainUser:
|
|
Set-DomainUserPassword:
|
|
Get-UserEvent:
|
|
Get-DomainUserEvent:
|
|
Get-NetComputer:
|
|
Get-DomainComputer:
|
|
Get-ADObject:
|
|
Get-DomainObject:
|
|
Set-ADObject:
|
|
Set-DomainObject:
|
|
Get-ObjectAcl:
|
|
Get-DomainObjectAcl:
|
|
Add-ObjectAcl:
|
|
Add-DomainObjectAcl:
|
|
Invoke-ACLScanner:
|
|
Find-InterestingDomainAcl:
|
|
Get-NetOU:
|
|
Get-DomainOU:
|
|
Get-NetSite:
|
|
Get-DomainSite:
|
|
Get-NetSubnet:
|
|
Get-DomainSubnet:
|
|
Get-DomainSID:
|
|
Get-NetGroup:
|
|
Get-DomainGroup:
|
|
New-DomainGroup:
|
|
Find-ManagedSecurityGroups:
|
|
Get-DomainManagedSecurityGroup:
|
|
Get-NetGroupMember:
|
|
Get-DomainGroupMember:
|
|
Add-DomainGroupMember:
|
|
Get-NetFileServer:
|
|
Get-DomainFileServer:
|
|
Get-DFSshare:
|
|
Get-DomainDFSShare:
|
|
Get-NetGPO:
|
|
Get-DomainGPO:
|
|
Get-NetGPOGroup:
|
|
Get-DomainGPOLocalGroup:
|
|
Find-GPOLocation:
|
|
Get-DomainGPOUserLocalGroupMapping:
|
|
Find-GPOComputerAdmin:
|
|
Get-DomainGPOComputerLocalGroupMapping:
|
|
Get-DomainPolicy:
|
|
Get-NetLocalGroup:
|
|
Get-NetLocalGroupMember:
|
|
Get-NetShare:
|
|
Get-NetLoggedon:
|
|
Get-NetSession:
|
|
Get-LoggedOnLocal:
|
|
Get-RegLoggedOn:
|
|
Get-NetRDPSession:
|
|
Invoke-CheckLocalAdminAccess:
|
|
Test-AdminAccess:
|
|
Get-SiteName:
|
|
Get-NetComputerSiteName:
|
|
Get-Proxy:
|
|
Get-WMIRegProxy:
|
|
Get-LastLoggedOn:
|
|
Get-WMIRegLastLoggedOn:
|
|
Get-CachedRDPConnection:
|
|
Get-WMIRegCachedRDPConnection:
|
|
Get-RegistryMountedDrive:
|
|
Get-WMIRegMountedDrive:
|
|
Get-NetProcess:
|
|
Get-WMIProcess:
|
|
Find-InterestingFile:
|
|
Invoke-UserHunter:
|
|
Find-DomainUserLocation:
|
|
Invoke-ProcessHunter:
|
|
Find-DomainProcess:
|
|
Invoke-EventHunter:
|
|
Find-DomainUserEvent:
|
|
Invoke-ShareFinder:
|
|
Find-DomainShare:
|
|
Invoke-FileFinder:
|
|
Find-InterestingDomainShareFile:
|
|
Find-LocalAdminAccess:
|
|
Invoke-EnumerateLocalAdmin:
|
|
Find-DomainLocalGroupMember:
|
|
Get-NetDomainTrust:
|
|
Get-DomainTrust:
|
|
Get-NetForestTrust:
|
|
Get-ForestTrust:
|
|
Find-ForeignUser:
|
|
Get-DomainForeignUser:
|
|
Find-ForeignGroup:
|
|
Get-DomainForeignGroupMember:
|
|
Invoke-MapDomainTrust:
|
|
Get-DomainTrustMapping:
|