search
LinkedInGithub
githubEdit

Enumerating Security Controls

hashtag
Windows Defender Status

hashtag
Get-MpComputerStatus

  • Command:

    Get-MpComputerStatus

  • Result: Checks the status of Windows Defender Anti-Virus on a Windows-based host.

hashtag
AppLocker Policies

hashtag
Get-AppLockerPolicy

  • Command:

    Get-AppLockerPolicy -Effective | select -ExpandProperty RuleCollections

  • Result: Retrieves AppLocker policies from a Windows-based host.

hashtag
PowerShell Language Mode

hashtag
PowerShell Language Mode Enumeration

  • Command:

    $ExecutionContext.SessionState.LanguageMode

  • Result: Determines the PowerShell Language Mode in use on a Windows-based host.

hashtag
LAPS (Local Administrator Password Solution) Enumeration

hashtag
Find-LAPSDelegatedGroups

  • Command:

  • Result: Discovers LAPS Delegated Groups from a Windows-based host.

hashtag
Find-AdmPwdExtendedRights

  • Command:

  • Result: Checks the rights on each computer with LAPS enabled for any groups with read access and users with "All Extended Rights."

hashtag
Get-LAPSComputers

  • Command:

  • Result: Searches for computers with LAPS enabled, discovers password expiration, and retrieves randomized passwords from a Windows-based host.

PreviousEnumeration by Living Off the LandNextTools & Techniques

Last updated