SecurityFever PowerShell Module

PowerShell Module with custom functions and cmdlets related to Windows and application security.

Introduction

This is a PowerShell Module with functions and cmdlets related to Windows and application security. It unites multiple handy tools into one module.

You can invoke PowerShell scripts or script blocks in an elevated context with sudo or test your credentials against the local system or an Active Directory domain with Test-Credential.

With the security activity and audit policy cmdlets, you can read the configuration of security audit events from the Audit Policy and check the latest activity on the target computer.

With the Vault cmdlets, you can interact with the Windows Credential Manager to store and retrieve PowerShell credentials and secure strings.

The Impersonation cmdlets allow you to impersonate another user in the current session. With this, you can execute certain commands as another user account.

Features

Windows Credential Manager (Vault)

  • Get-VaultEntry
    With this cmdlet, the entries from the Windows Credential Manager vault can be retrieved. The entries contain a PSCredential object and all additional metadata like target name, type and persistence location.

  • Get-VaultCredential
    This cmdlet works similarly to Get-VaultEntry, but returns only a native PSCredential object without additional metadata. This is useful if just the simple PSCredential object is required.

  • Get-VaultSecureString
    This cmdlet works similarly to Get-VaultEntry, but returns only a native secure string object containing the password without additional metadata. This is useful if just the simple secure string object is required.

  • New-VaultEntry
    Create a new entry in the Windows Credential Manager vault. The credential type and persist location can be specified. By default, a generic entry with no special purpose is created on the local machine persist location. It will not override existing entries.

  • Update-VaultEntry
    Update an existing entry in the Windows Credential Manager vault. The credential target name and type are required to identify the entry to update. The persist location and the credentials (or username/password) can be updated.

  • Remove-VaultEntry
    Remove an existing entry in the Windows Credential Manager vault. The cmdlet accepts pipeline input with credential entry objects.

  • Use-VaultCredential
    Get the PSCredential object from the Windows Credential Manager vault or prompt the caller to enter the credentials. These credentials will be stored in the vault.

Audit Policy

  • Get-SecurityAuditPolicy
    List the current local security audit policy settings. It will execute the auditpol.exe command and parse the result into objects.

  • Get-SecurityAuditPolicySetting
    Return the value of one security audit policy setting. It will use the Get-SecurityAuditPolicy cmdlet and just filter and expand the result.
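The following is an added example, not code from the SecurityFever module, showing the parse-into-objects idea behind the audit policy cmdlets using the CSV report format of auditpol.exe. The sample output, the function name ConvertFrom-AuditPolCsv and the baseline list are constructed for illustration; English setting names are assumed, since auditpol.exe localizes them.

```powershell
# Constructed sample of "auditpol.exe /get /category:* /r" output.
# On a live system (elevated): $lines = auditpol.exe /get /category:* /r
$sample = @'
Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting
HOST01,System,Logon,{0CCE9215-69AE-11D9-BED3-505054503030},Success and Failure,
HOST01,System,Logoff,{0CCE9216-69AE-11D9-BED3-505054503030},Success,
HOST01,System,Process Creation,{0CCE922B-69AE-11D9-BED3-505054503030},No Auditing,
HOST01,System,Credential Validation,{0CCE923F-69AE-11D9-BED3-505054503030},Failure,
'@
$lines = $sample -split "`r?`n"

function ConvertFrom-AuditPolCsv {
    param(
        [Parameter(Mandatory = $true)]
        [string[]] $Line
    )
    # Drop blank lines, then let ConvertFrom-Csv use the first line as header.
    $Line | Where-Object { $_.Trim() } | ConvertFrom-Csv | ForEach-Object {
        $setting = $_.'Inclusion Setting'
        [pscustomobject]@{
            Subcategory = $_.Subcategory
            Guid        = $_.'Subcategory GUID'   # stable across display languages
            Success     = $setting -match 'Success'
            Failure     = $setting -match 'Failure'
        }
    }
}

$policy = ConvertFrom-AuditPolCsv -Line $lines

# Hypothetical baseline: subcategories that must audit success and failure.
$required = 'Logon', 'Process Creation', 'Credential Validation'

# Report every required subcategory that falls short of the baseline.
$policy |
    Where-Object { $required -contains $_.Subcategory -and
                   -not ($_.Success -and $_.Failure) } |
    Format-Table Subcategory, Success, Failure -AutoSize
```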

Impersonation

  • Get-ImpersonationContext
    Get the current impersonation context and the active Windows identity.

  • Push-ImpersonationContext
    Create a new impersonation context by using the specified credentials. All following commands will be executed as the specified user until the context is closed.

  • Pop-ImpersonationContext
    Leave the current impersonation context.

Other

  • Invoke-Elevated
    Invoke a script block or an executable in an elevated session. It will handle the parameter passing into the elevated session and return the result as an object to the caller. Because it's running in a different elevated process, XML serialization is used to return the result. The cmdlet has the alias sudo, as used on *nix systems.

  • Invoke-PowerShell
    Start a new PowerShell Console session with alternative credentials. The cmdlet has the alias posh.

  • Get-TimeBasedOneTimePassword
    Generate a Time-Based One-Time Password based on RFC 6238. The aliases Get-TOTP or totp can also be used.

  • Test-Credential
    With this cmdlet, credential objects or username and password pairs can be tested for validity. With the method parameter, it's possible to choose how the credentials are validated (start process, Active Directory). Be aware that repeated testing with wrong credentials can lock out the account, depending on your security settings.

  • Get-SecurityActivity
    Get security and life-cycle related events on the target computer like start up / shutdown, user log on / log off, workstation locked / unlocked, session reconnected / disconnected and screen saver invoke / dismiss.

  • Protect-String
    Convert a string into a secure string.

  • Unprotect-SecureString
    Convert a secure string into a string.
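As an added example (not the module's own code), this is the RFC 6238 computation that Get-TimeBasedOneTimePassword is described as producing, written with HMAC-SHA1 and checked against the RFC 6238 Appendix B test vector. The function name Get-TotpCode and its parameters are assumptions; the key is passed as raw bytes, so a Base32-encoded authenticator secret must be decoded first.

```powershell
$UnixEpoch = New-Object datetime 1970, 1, 1, 0, 0, 0, ([System.DateTimeKind]::Utc)

function Get-TotpCode {
    param(
        [Parameter(Mandatory = $true)]
        [byte[]] $Key,                      # raw shared secret bytes
        [long] $UnixTime = [long][math]::Floor(([datetime]::UtcNow - $UnixEpoch).TotalSeconds),
        [int] $Digits = 6,
        [int] $Step = 30                    # time step in seconds
    )

    # Number of time steps since the epoch, as an 8-byte big-endian counter.
    $counter = [long][math]::Floor($UnixTime / $Step)
    $message = [BitConverter]::GetBytes($counter)
    if ([BitConverter]::IsLittleEndian) { [array]::Reverse($message) }

    # The unary comma stops PowerShell from unrolling the byte array.
    $hmac = New-Object System.Security.Cryptography.HMACSHA1 (, $Key)
    try { $hash = $hmac.ComputeHash($message) } finally { $hmac.Dispose() }

    # Dynamic truncation (RFC 4226, section 5.3): the low nibble of the
    # last byte selects a 4-byte window; the top bit is masked off.
    $offset = $hash[19] -band 0x0F
    $binary = (([int]$hash[$offset] -band 0x7F) -shl 24) -bor
              (([int]$hash[$offset + 1]) -shl 16) -bor
              (([int]$hash[$offset + 2]) -shl 8) -bor
               ([int]$hash[$offset + 3])

    $code = $binary % [int][math]::Pow(10, $Digits)
    $code.ToString().PadLeft($Digits, '0')
}

# Self-check with the RFC 6238 Appendix B vector (SHA-1, T = 59 s, 8 digits).
$rfcKey = [Text.Encoding]::ASCII.GetBytes('12345678901234567890')
if ((Get-TotpCode -Key $rfcKey -UnixTime 59 -Digits 8) -ne '94287082') {
    throw 'RFC 6238 test vector mismatch'
}

# Current 6-digit code for the same test key.
Get-TotpCode -Key $rfcKey
```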

Trusted Hosts List

  • Get-TrustedHost
    Get trusted host list entries.

  • Add-TrustedHost
    Add an entry to the trusted host list.

  • Remove-TrustedHost
    Remove an entry from the trusted host list.

Versions

Please find all versions in the GitHub Releases section and the release notes in the CHANGELOG.md file.

Installation

Use the following command to install the module from the PowerShell Gallery, if the PackageManagement and PowerShellGet modules are available:

# Download and install the module
Install-Module -Name 'SecurityFever'

Alternatively, download the latest release from GitHub and install the module manually on your local system:

  1. Download the latest release from GitHub as a ZIP file: GitHub Releases
  2. Extract the module and install it: Installing a PowerShell Module

Requirements

The following minimum requirements are necessary to use this module; these are the versions the module is tested against:

  • Windows PowerShell 3.0
  • Windows Server 2008 R2 / Windows 7

Contribute

Please feel free to contribute by opening new issues or providing pull requests. For the best development experience, open this project as a folder in Visual Studio Code and ensure that the PowerShell extension is installed.

Contributors

  • claudiospizzi