PSReflect-Functions

2.0.0

Provides Windows API functions as abstracted PowerShell functions.

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name PSReflect-Functions

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Author(s)

Jared Atkinson (@jaredcatkinson) Chris Ross (@xorrior)

Copyright

(c) 2017 Jared Atkinson and Chris Ross. All rights reserved.

Owners

Tags

Windows-API Win32-API Advapi32 Kernel32 Netapi32 Ntdll Secur32 Wtsapi32

Functions

AcquireCredentialsHandle AdtListCategories AmsiCloseSession AmsiInitialize AmsiOpenSession AmsiResultIsMalware AmsiScanBuffer AmsiScanString AmsiUninitialize ChangeServiceConfigW CloseHandle CloseServiceHandle ConvertSidToStringSid ConvertStringSidToSid CreateFile CreatePipe CreateRemoteThread CreateServiceW CreateThread CreateToolhelp32Snapshot CryptCATAdminAcquireContext CryptCATAdminAcquireContext2 CryptCATAdminAddCatalog CryptCATAdminCalcHashFromFileHandle CryptCATAdminCalcHashFromFileHandle2 CryptCATAdminEnumCatalogFromHash CryptCATAdminReleaseCatalogContext CryptCATCatalogInfoFromContext CryptCATStoreFromHandle CryptQueryObject DeleteSecurityPackage DsEnumerateDomainTrusts DsGetSiteName DuplicateToken EnumerateSecurityPackages EnumMonitors FreeContextBuffer FreeCredentialsHandle GetCurrentProcess GetIpNetTable GetLengthSid GetNamedPipeClientComputerName GetNamedPipeClientProcessId GetNamedPipeClientSessionId GetNamedPipeServerProcessId GetNamedPipeServerSessionId GetProcAddress GetThreadContext GetThreadId GetTokenInformation GetVersionFromProcess GlobalAddAtom GlobalDeleteAtom GlobalFindAtom GlobalGetAtomName ImpersonateLoggedOnUser K32GetMappedFileName LoadLibrary LogonUser LogonUser1 LookupPrivilegeDisplayName LookupPrivilegeName LsaCallAuthenticationPackage LsaCallAuthenticationPackageKerbPurgeTktCache LsaCallAuthenticationPackageKerbQueryTktCache LsaCallAuthenticationPackageKerbRetrieveTkt LsaConnectUntrusted LsaDeregisterLogonProcess LsaEnumerateLogonSessions LsaFreeReturnBuffer LsaGetLogonSessionData LsaLookupAuthenticationPackage LsaNtStatusToWinError LsaRegisterLogonProcess NetApiBufferFree NetConnectionEnum NetFileEnum NetGetAnyDCName NetGetDCName NetLocalGroupAddMembers NetLocalGroupDelMembers NetLocalGroupEnum NetLocalGroupGetMembers NetSessionEnum NetShareAdd NetShareDel NetShareEnum NetWkstaUserEnum NtClose NtCreateKey NtDeleteKey NtDeleteValueKey NtDuplicateObject NtEnumerateKey NtEnumerateValueKey NtOpenKey NtQueryEaFile NtQueryInformationFile NtQueryInformationThread NtQueryKey NtQueryObject NtQueryValueKey NtSetEaFile NtSetValueKey OpenProcess OpenProcessToken OpenSCManagerW OpenServiceW OpenThread OpenThreadToken PeekNamedPipe QueryCredentialsAttributes QueryDosDevice QueryFullProcessImageName ReadProcessMemory ResumeThread RevertToSelf RtlAdjustPrivilege RtlGetFunctionTableListHead RtlInitUnicodeString SamCloseHandle SamConnect SamOpenDomain SamOpenUser SamSetInformationUser TerminateThread Thread32First VirtualAllocEx VirtualFreeEx VirtualProtectEx VirtualQueryEx WinVerifyTrust WNetAddConnection2W, WNetCancelConnection2 WriteProcessMemory WTSCloseServer WTSEnumerateSessionsEx WTSFreeMemory WTSFreeMemoryEx WTSOpenServerEx WTSQuerySessionInformation WTSQueryUserToken Get-AccessToken Get-ArpCache Get-Atom Get-DigitalSignature Get-LogonSession Get-LogonSessionImproved Get-SecurityPackage Get-System Make-Token New-InjectedThread WinVerifyTrust-2

Dependencies

This module has no dependencies.

Version History

Version Downloads Last updated
2.0.0 (current version) 1,603 6/10/2021
1.1 2,941 5/11/2018
1.0 331 6/18/2017