Category Archives: Windows

Weaponizing AMSI bypass with PowerShell

Introduction: The Windows Antimalware Scan Interface (AMSI) is a versatile interface standard that allows applications and services to integrate with any antimalware product that’s present on a machine. You can find more information on it here: https://docs.microsoft.com/en-us/windows/win32/amsi/antimalware-scan-interface-portal. A while ago …

Posted in Researching, Windows, Write-Up

Pingsweep with Windows CLI

I just happened to find myself with the requirement of performing a ping sweep of the local /24 network under Windows without installing any additional software or tools. Turns out you can do that quite easily via the command line:

Posted in Windows

Creating dummy files in Windows

If you want to create dummy files in Windows, you can simply create them by using fsutil:

So in order to create a bulk file which is 1 GB in size you can go with:

Posted in Windows

Parsing a line-based hosts file to Firefox under Windows

I just needed to parse a line-based file containing hosts and access the hosts with Firefox under Windows in multiple tabs. Here is what I did:

If you want to slow things down and the sleep command is …

Posted in Windows

Enhanced security controls for Internet Explorer on Windows servers

Due to enforced security controls, you will often find yourself unable to access any website while running Internet Explorer on a Windows server. This is related to the Enhanced Security Configuration (ESC). You can manually disable it by jumping …

Posted in Windows

Dumping of installed programs and services within Windows

I use the following snippets to dump installed programs on Windows machines via WMIC (Windows Management Instrumentation Command-line):

The output can be processed as CSV.

Posted in Windows