This document appears to be a slide deck for a presentation titled "Practical PowerShell Programming for Professional People" given by Ben Ten at BSidesDFW 2014. The slide deck covers an introduction to PowerShell including languages and development, PowerShell scripting, modules, Active Directory, resources and Q&A. It provides examples of PowerShell scripts and functions and discusses variables, parameters, conditional logic and other PowerShell concepts.
Practical PowerShell Programming for Professional People - DerbyCon 4Ben Ten (0xA)
The best hackers are those that can write their own tools or modify existing ones. Regardless of whether you are blue team- red team- purple team- white hat- gray hat- or black hat- PowerShell should be in your repository of tools. While I encourage people to learn other languages as well- PowerShell is a dynamic tool and should not be overlooked. This talk is meant to be an introductory (101) session for PowerShell. I will be giving you a crash course in PowerShell scripting that will equip you to create practical PowerShell scripts for defense- offense- and even some fun things to mess around with people. This talk is designed for anyone who has never done any PowerShell or just starting to learn. Bring your laptop with PowerShell 3.0 or later- and your favorite text editor (like SublimeText) installed so you can script along with me. You will be able to write a functioning PowerShell script by the end of this talk! Come see the potential power you can unlock by learning PowerShel.
Practical PowerShell Programming for Professional PeopleBen Ten (0xA)
The best hackers are those that can write their own tools or modify existing ones. Regardless of whether you are blue team, red team, purple team, white hat, gray hat, or black hat, PowerShell should be in your repository of tools. While I encourage people to learn other languages as well, PowerShell is a dynamic tool and should not be overlooked. This talk is meant to be an introductory (101) session for PowerShell. I will be giving you a crash course in PowerShell scripting that will equip you to create practical PowerShell scripts for defense, offense, and even some fun things to mess around with people. This talk is designed for anyone who has never done any PowerShell or just starting to learn. Bring your laptop with PowerShell 3.0 or later, and your favorite text editor (like SublimeText) installed so you can script along with me. You will be able to write a functioning PowerShell script by the end of this talk! Come see the potential power you can unlock by learning PowerShell; and to see how often I can abuse the letter P!
This document contains the slides from a presentation titled "Gray Hat PowerShell" given by Ben Ten at ShowMeCon 2015. The presentation covers an introduction to PowerShell and how it sits on the .NET framework. It then discusses offensive and defensive PowerShell tools and techniques, including PowerSploit, PowerView, Posh-SecMod, PoshSec, Kansa, and Invoke-IR. The presentation includes demonstrations of loading PowerShell programmatically and using tools like PowerSploit. It concludes with reminding attendees that these tools can damage systems if misused and providing resources for further information.
Modern Perl for the Unfrozen Paleolithic Perl ProgrammerJohn Anderson
Modern Perl for the Unfrozen Paleolithic Perl Programmer discusses many changes to Perl and its ecosystem since 2001 when the caveman programmer fell into a glacier. Some key changes include Perl version 5.22, new language features like defined-or and subroutine signatures, and tools like Perlbrew, Plenv and cpanm. Modern web development uses Plack/PSGI instead of CGI.pm. The speaker recommends modules like JSON::MaybeXS, Moose/Moo and websites like CPAN Ratings, MetaCPAN and Perl Weekly to stay up-to-date.
The document outlines 50 different ways that one can contribute to the PostgreSQL project, ranging from contributing code to the core database, reviewing and fixing bugs, writing documentation, organizing user groups, giving presentations at conferences, and more. It encourages involvement from developers, writers, designers, system administrators, and those who can help with education and testing. The goal is to highlight the many opportunities available for getting involved in open source development of PostgreSQL.
This document summarizes a lecture on efficiency oriented programming using Groovy and Grails. The key points are:
- Biological experiments produce huge amounts of data requiring powerful tools for analysis. Excel is not sufficient.
- The goal of the course is to make students efficient in the lab with programming skills and a computer at their fingertips. It will cover programming fundamentals, independence, and real-life challenges.
- Groovy and Grails were selected as the languages for the course because they offer a compact syntax, support for modern web applications, natural storage of data in databases, and encouragement of agile development practices.
Php Dependency Management with Composer ZendCon 2016Clark Everetts
A deep-dive for beginners into Composer, the dependency manager for PHP. Learn how Composer helps you obtain the components your applications depend upon, installs them into your project, and controls their update to newer versions.
Netflix JavaScript Talks - Scaling A/B Testing on Netflix.com with Node.jsChris Saint-Amant
At Netflix we run hundreds of A/B tests every year. Maintaining multivariate experiences quickly adds strain to any UI engineering team. In this talk, Alex Liu and Micah Ransdell explore the patterns we’ve built in Node.js to tame this beast - ultimately enabling quick feature development and rapid test iteration on our service used by over 50 million people around the world.
Practical PowerShell Programming for Professional People - DerbyCon 4Ben Ten (0xA)
The best hackers are those that can write their own tools or modify existing ones. Regardless of whether you are blue team- red team- purple team- white hat- gray hat- or black hat- PowerShell should be in your repository of tools. While I encourage people to learn other languages as well- PowerShell is a dynamic tool and should not be overlooked. This talk is meant to be an introductory (101) session for PowerShell. I will be giving you a crash course in PowerShell scripting that will equip you to create practical PowerShell scripts for defense- offense- and even some fun things to mess around with people. This talk is designed for anyone who has never done any PowerShell or just starting to learn. Bring your laptop with PowerShell 3.0 or later- and your favorite text editor (like SublimeText) installed so you can script along with me. You will be able to write a functioning PowerShell script by the end of this talk! Come see the potential power you can unlock by learning PowerShel.
Practical PowerShell Programming for Professional PeopleBen Ten (0xA)
The best hackers are those that can write their own tools or modify existing ones. Regardless of whether you are blue team, red team, purple team, white hat, gray hat, or black hat, PowerShell should be in your repository of tools. While I encourage people to learn other languages as well, PowerShell is a dynamic tool and should not be overlooked. This talk is meant to be an introductory (101) session for PowerShell. I will be giving you a crash course in PowerShell scripting that will equip you to create practical PowerShell scripts for defense, offense, and even some fun things to mess around with people. This talk is designed for anyone who has never done any PowerShell or just starting to learn. Bring your laptop with PowerShell 3.0 or later, and your favorite text editor (like SublimeText) installed so you can script along with me. You will be able to write a functioning PowerShell script by the end of this talk! Come see the potential power you can unlock by learning PowerShell; and to see how often I can abuse the letter P!
This document contains the slides from a presentation titled "Gray Hat PowerShell" given by Ben Ten at ShowMeCon 2015. The presentation covers an introduction to PowerShell and how it sits on the .NET framework. It then discusses offensive and defensive PowerShell tools and techniques, including PowerSploit, PowerView, Posh-SecMod, PoshSec, Kansa, and Invoke-IR. The presentation includes demonstrations of loading PowerShell programmatically and using tools like PowerSploit. It concludes with reminding attendees that these tools can damage systems if misused and providing resources for further information.
Modern Perl for the Unfrozen Paleolithic Perl ProgrammerJohn Anderson
Modern Perl for the Unfrozen Paleolithic Perl Programmer discusses many changes to Perl and its ecosystem since 2001 when the caveman programmer fell into a glacier. Some key changes include Perl version 5.22, new language features like defined-or and subroutine signatures, and tools like Perlbrew, Plenv and cpanm. Modern web development uses Plack/PSGI instead of CGI.pm. The speaker recommends modules like JSON::MaybeXS, Moose/Moo and websites like CPAN Ratings, MetaCPAN and Perl Weekly to stay up-to-date.
The document outlines 50 different ways that one can contribute to the PostgreSQL project, ranging from contributing code to the core database, reviewing and fixing bugs, writing documentation, organizing user groups, giving presentations at conferences, and more. It encourages involvement from developers, writers, designers, system administrators, and those who can help with education and testing. The goal is to highlight the many opportunities available for getting involved in open source development of PostgreSQL.
This document summarizes a lecture on efficiency oriented programming using Groovy and Grails. The key points are:
- Biological experiments produce huge amounts of data requiring powerful tools for analysis. Excel is not sufficient.
- The goal of the course is to make students efficient in the lab with programming skills and a computer at their fingertips. It will cover programming fundamentals, independence, and real-life challenges.
- Groovy and Grails were selected as the languages for the course because they offer a compact syntax, support for modern web applications, natural storage of data in databases, and encouragement of agile development practices.
Php Dependency Management with Composer ZendCon 2016Clark Everetts
A deep-dive for beginners into Composer, the dependency manager for PHP. Learn how Composer helps you obtain the components your applications depend upon, installs them into your project, and controls their update to newer versions.
Netflix JavaScript Talks - Scaling A/B Testing on Netflix.com with Node.jsChris Saint-Amant
At Netflix we run hundreds of A/B tests every year. Maintaining multivariate experiences quickly adds strain to any UI engineering team. In this talk, Alex Liu and Micah Ransdell explore the patterns we’ve built in Node.js to tame this beast - ultimately enabling quick feature development and rapid test iteration on our service used by over 50 million people around the world.
WordPress for the modern PHP developerChris Sherry
The document contains tweets from a conference session about using WordPress and version control best practices for modern PHP developers. Some key points discussed include:
- Setting up a WordPress site under version control using Git
- Managing WordPress core and plugin/theme dependencies with Composer
- Using plugins from packagist like wpackagist to install plugins via Composer
- Developing a custom plugin and publishing it to GitHub to be installed as a dependency
Large and heavy PHP frameworks are a thing of the past. Modern PHP developers now have a wealth of libraries and packages available to perform specific tasks, and microservices are fast becoming a preferred way to architect applications. But many don't know how to start, and get thrown in the deep end to flounder. This hands-on workshop will introduce what microservices are, and how to leverage middleware to create them. We will use the Zend Expressive microframework to leverage components of Zend Framework, and other libraries, to quickly create awesome things without requiring an entire framework. Resources for reference and continued learning will also be shared.
DBI for Parrot and Perl 6 Lightning Talk 2007Tim Bunce
This lightning talk proposes adopting the Java JDBC API specification as a common database driver API for Parrot and open source languages. Currently, database interfaces for most languages are limited, different from each other, and involve duplicative development efforts. A common API based on the mature and well-documented JDBC standard could allow drivers to be shared across languages and improve functionality. The speaker is already working on a Perl module that implements the JDBC API and a Summer of Code project to explore a Perl 6 implementation of the DBI API using this module.
Zend con 2016 bdd with behat for beginnersAdam Englander
Learn the basics of behavioral driven development (BDD) with Behat to build high quality and well documented applications. You'll learn how BDD can help you deliver greater business value more efficiently while accurately documenting the functionality of your application along the way. You'll learn how to utilize Behat as your BDD tool. With Behat, you'll create tests for the features in your application by utilizing a natural language syntax called Gherkin backed by PHP code to execute the steps executed in the feature's scenarios.
This will be a hands-on tutorial. You'll learn how to implement BDD for a web application. This will include utilizing Selenium WebDriver for real world multi-browser testing including introductions to Selenium Grid and hosted integration services utilizing Selenium.
Theory and practice – migrating your legacy code into our modern test drive...Lars Jankowfsky
This document discusses strategies for migrating legacy PHP code to a more modern test-driven development approach. It begins with an introduction to legacy code and the agenda. It then discusses typical problems with legacy PHP projects, such as spaghetti code and lack of testing. The document provides strategies for introducing test-driven development practices like writing tests first, refactoring, and using fixtures. It emphasizes incremental changes over a full rewrite to safely evolve the code over time.
Fine-tuning your development environment means more than just getting your editor set up just so -- it means finding and setting up a variety of tools to take care of the mundane housekeeping chores that you have to do -- so you have more time to program, of course! I'll share the benefits of a number of yak shaving expeditions, including using App::GitGot to batch manage _all_ your git repos, App::MiseEnPlace to automate getting things _just_ so in your working environment, and a few others as time allows.
Delivered at OpenWest 2016, 13 July 2016
TypeScript와 Flow: 자바스크립트 개발에 정적 타이핑 도입하기Heejong Ahn
- The document discusses TypeScript and Flow, two type systems for JavaScript. It provides information on their history, design goals around soundness vs productivity, usage statistics, and comparisons of their type systems and tooling support.
- Key differences noted are that Flow focuses on soundness while TypeScript balances correctness and productivity, and that TypeScript has significantly more resources and adoption based on metrics like StackOverflow questions, GitHub stars, and npm downloads.
Let's look at the many "flavors" of PHP, why they are there, how they work and when to use them. We'll also dive a little into the PHP core design pattern of using SAPIs to access the true core application.
Alfanous is a free and open-source Arabic search engine API that allows searching of the Quran. It provides a Python API, JSON web interface, and interfaces for desktop, mobile and other platforms. The API has many search features and options for customizing results. Developers can use the API and interfaces to build their own applications, and contributors can help by coding, translating, designing or providing feedback to improve the project.
Let's creating your own PHP (tejimaya version)Kousuke Ebihara
This document discusses customizing PHP for one's own development needs. It suggests building PHP from source to add new error levels and notices, or to test scripts under different versions. Specific steps are outlined, like getting the PHP source from Git, configuring with desired extensions, making and installing it. Patches are provided that add new error constants and notices for environment-dependent code or potential backwards compatibility issues. Building one's own PHP is suggested to improve work or for fun, such as inserting semicolons automatically or adding keyword arguments.
RESTFul API Design and Documentation - an IntroductionMiredot
The world is interconnected by APIs more than ever. It is almost unimaginable to develop any kind of software today that doesn't either offer or invoke a web-API. The majority of (new) APIs offer a REST + JSON interface and the Java platform is very well equipped to develop such APIs. In our talk we'll quickly recap what REST exactly means and we'll give a set of pointers to help with RESTful API-design. Since we are creating an open API that any customer should be able to use from any programming language, technology-neutral documentation of this API is key. We can't stress this enough. We will present a high-level overview of different possibilities of documenting APIs, ranging from the API-first approach (RAML, Apiary, etc.) to generators (Swagger, Enunciate, etc.), including Miredot.
Powershell Seminar @ ITWorx CuttingEdge ClubEssam Salah
Windows PowerShell is a new interactive shell and scripting language based on .NET. It allows access to system resources like file systems and data stores in an easy way. PowerShell aims to make administrators more productive and secure by default. It is supported on Windows XP and above and many Microsoft products. PowerShell provides a command line experience and can also be used for GUI scripting and custom applications.
Office 365 & PowerShell - A match made in heavenSébastien Levert
In a world where we ear more and more about DevOps and continuous integration, your Office 365 integration process might be lacking some good practices and ways to automate everything. In this session, we will cover how you can use PowerShell to ease the deployment process of your applications, the monitoring of your tenants and the maintenance of all the workloads of Office 365. Being a demo-intensive session, be prepared to see a lot of PowerShell and Office 365 API code!
The 3 key takeaways of this session are :
You will learn how to communicate with the Office 365 API from PowerShell
You will be introduced to DevOps concepts in a Office 365 context
You will be able to reproduce those easy processes without problem back at work
Windows Server 2008 (PowerShell Scripting Uygulamaları)ÇözümPARK
This document is a presentation about PowerShell scripting. It includes an agenda that covers topics like what PowerShell is, installation, basics, commands, variables, loops, applications, and the future of PowerShell. It also provides demonstrations of PowerShell concepts like aliases, the pipeline, drivers/registry, WMI applications, operators, loops/flow control, variables, arrays, forms, and file extensions. The presentation aims to introduce attendees to PowerShell and its capabilities.
PowerShell Plus is the most advanced Interactive Development Environment for PowerShell available today. Designed to help administrators and developers quickly learn and master Windows PowerShell, it also dramatically increases the productivity of expert users.
PowerShell Plus features a powerful interactive console, an advanced script editor and debugger and a comprehensive interactive learning center all integrated into a single product.
This document discusses using PowerShell for penetration testing when standard tools and frameworks may not be usable due to network restrictions or lack of privileges. It provides an introduction to PowerShell and examples of how port scanning, downloading files, and other tasks could be accomplished using PowerShell scripts even in restricted environments. It also covers some of the security mechanisms in PowerShell like execution policies and how they can be bypassed to run unsigned scripts without prompts.
Better, Faster, Stronger! Boost Your Team-Based SharePoint Development Using ...Richard Calderon
In this session, I discuss and demonstrate how you can use SharePoint 2010 Web Templates and PowerShell scripts to give your team-based SharePoint development process a much needed productivity boost. Using these techniques, you enable your team to quickly test and review their custom components against your complete SharePoint solution while simultaneously eliminating inconsistencies often created by manual configurations.
By the end of this session, you will have learned:
How SharePoint web templates can be used to provision customized SharePoint sites
How to leverage PowerShell scripts to automate your custom site build and feature deployments
The key benefits of this approach for team-based SharePoint development
So stop wasting time and come see how you can help make your SharePoint team development better, faster, and stronger!
Managing Virtual Infrastructures With PowerShellguesta849bc8b
This document is a presentation about managing virtual infrastructures with Microsoft PowerShell. It introduces PowerShell and how it can be used to automate tasks and make administrators more efficient. It then demonstrates some basic PowerShell commands for virtualization tasks on platforms like VMware, Hyper-V, and Xen. More advanced topics and resources for learning more about PowerShell are also discussed.
The document discusses Powershell UI Automation, which allows automated testing of graphical user interfaces using Powershell scripts. It provides an overview of GUI testing tools before selecting Powershell UI Automation as the winner due to its advantages like being free, open-source, and using the known Powershell framework. It then covers how to install and use the tool via Powershell cmdlets to perform actions like getting windows and controls, invoking clicks and edits, and taking screenshots. Examples are provided and tips discussed for effective use.
WordPress for the modern PHP developerChris Sherry
The document contains tweets from a conference session about using WordPress and version control best practices for modern PHP developers. Some key points discussed include:
- Setting up a WordPress site under version control using Git
- Managing WordPress core and plugin/theme dependencies with Composer
- Using plugins from packagist like wpackagist to install plugins via Composer
- Developing a custom plugin and publishing it to GitHub to be installed as a dependency
Large and heavy PHP frameworks are a thing of the past. Modern PHP developers now have a wealth of libraries and packages available to perform specific tasks, and microservices are fast becoming a preferred way to architect applications. But many don't know how to start, and get thrown in the deep end to flounder. This hands-on workshop will introduce what microservices are, and how to leverage middleware to create them. We will use the Zend Expressive microframework to leverage components of Zend Framework, and other libraries, to quickly create awesome things without requiring an entire framework. Resources for reference and continued learning will also be shared.
DBI for Parrot and Perl 6 Lightning Talk 2007Tim Bunce
This lightning talk proposes adopting the Java JDBC API specification as a common database driver API for Parrot and open source languages. Currently, database interfaces for most languages are limited, different from each other, and involve duplicative development efforts. A common API based on the mature and well-documented JDBC standard could allow drivers to be shared across languages and improve functionality. The speaker is already working on a Perl module that implements the JDBC API and a Summer of Code project to explore a Perl 6 implementation of the DBI API using this module.
Zend con 2016 bdd with behat for beginnersAdam Englander
Learn the basics of behavioral driven development (BDD) with Behat to build high quality and well documented applications. You'll learn how BDD can help you deliver greater business value more efficiently while accurately documenting the functionality of your application along the way. You'll learn how to utilize Behat as your BDD tool. With Behat, you'll create tests for the features in your application by utilizing a natural language syntax called Gherkin backed by PHP code to execute the steps executed in the feature's scenarios.
This will be a hands-on tutorial. You'll learn how to implement BDD for a web application. This will include utilizing Selenium WebDriver for real world multi-browser testing including introductions to Selenium Grid and hosted integration services utilizing Selenium.
Theory and practice – migrating your legacy code into our modern test drive...Lars Jankowfsky
This document discusses strategies for migrating legacy PHP code to a more modern test-driven development approach. It begins with an introduction to legacy code and the agenda. It then discusses typical problems with legacy PHP projects, such as spaghetti code and lack of testing. The document provides strategies for introducing test-driven development practices like writing tests first, refactoring, and using fixtures. It emphasizes incremental changes over a full rewrite to safely evolve the code over time.
Fine-tuning your development environment means more than just getting your editor set up just so -- it means finding and setting up a variety of tools to take care of the mundane housekeeping chores that you have to do -- so you have more time to program, of course! I'll share the benefits of a number of yak shaving expeditions, including using App::GitGot to batch manage _all_ your git repos, App::MiseEnPlace to automate getting things _just_ so in your working environment, and a few others as time allows.
Delivered at OpenWest 2016, 13 July 2016
TypeScript와 Flow: 자바스크립트 개발에 정적 타이핑 도입하기Heejong Ahn
- The document discusses TypeScript and Flow, two type systems for JavaScript. It provides information on their history, design goals around soundness vs productivity, usage statistics, and comparisons of their type systems and tooling support.
- Key differences noted are that Flow focuses on soundness while TypeScript balances correctness and productivity, and that TypeScript has significantly more resources and adoption based on metrics like StackOverflow questions, GitHub stars, and npm downloads.
Let's look at the many "flavors" of PHP, why they are there, how they work and when to use them. We'll also dive a little into the PHP core design pattern of using SAPIs to access the true core application.
Alfanous is a free and open-source Arabic search engine API that allows searching of the Quran. It provides a Python API, JSON web interface, and interfaces for desktop, mobile and other platforms. The API has many search features and options for customizing results. Developers can use the API and interfaces to build their own applications, and contributors can help by coding, translating, designing or providing feedback to improve the project.
Let's creating your own PHP (tejimaya version)Kousuke Ebihara
This document discusses customizing PHP for one's own development needs. It suggests building PHP from source to add new error levels and notices, or to test scripts under different versions. Specific steps are outlined, like getting the PHP source from Git, configuring with desired extensions, making and installing it. Patches are provided that add new error constants and notices for environment-dependent code or potential backwards compatibility issues. Building one's own PHP is suggested to improve work or for fun, such as inserting semicolons automatically or adding keyword arguments.
RESTFul API Design and Documentation - an IntroductionMiredot
The world is interconnected by APIs more than ever. It is almost unimaginable to develop any kind of software today that doesn't either offer or invoke a web-API. The majority of (new) APIs offer a REST + JSON interface and the Java platform is very well equipped to develop such APIs. In our talk we'll quickly recap what REST exactly means and we'll give a set of pointers to help with RESTful API-design. Since we are creating an open API that any customer should be able to use from any programming language, technology-neutral documentation of this API is key. We can't stress this enough. We will present a high-level overview of different possibilities of documenting APIs, ranging from the API-first approach (RAML, Apiary, etc.) to generators (Swagger, Enunciate, etc.), including Miredot.
Powershell Seminar @ ITWorx CuttingEdge ClubEssam Salah
Windows PowerShell is a new interactive shell and scripting language based on .NET. It allows access to system resources like file systems and data stores in an easy way. PowerShell aims to make administrators more productive and secure by default. It is supported on Windows XP and above and many Microsoft products. PowerShell provides a command line experience and can also be used for GUI scripting and custom applications.
Office 365 & PowerShell - A match made in heavenSébastien Levert
In a world where we ear more and more about DevOps and continuous integration, your Office 365 integration process might be lacking some good practices and ways to automate everything. In this session, we will cover how you can use PowerShell to ease the deployment process of your applications, the monitoring of your tenants and the maintenance of all the workloads of Office 365. Being a demo-intensive session, be prepared to see a lot of PowerShell and Office 365 API code!
The 3 key takeaways of this session are :
You will learn how to communicate with the Office 365 API from PowerShell
You will be introduced to DevOps concepts in a Office 365 context
You will be able to reproduce those easy processes without problem back at work
Windows Server 2008 (PowerShell Scripting Uygulamaları)ÇözümPARK
This document is a presentation about PowerShell scripting. It includes an agenda that covers topics like what PowerShell is, installation, basics, commands, variables, loops, applications, and the future of PowerShell. It also provides demonstrations of PowerShell concepts like aliases, the pipeline, drivers/registry, WMI applications, operators, loops/flow control, variables, arrays, forms, and file extensions. The presentation aims to introduce attendees to PowerShell and its capabilities.
PowerShell Plus is the most advanced Interactive Development Environment for PowerShell available today. Designed to help administrators and developers quickly learn and master Windows PowerShell, it also dramatically increases the productivity of expert users.
PowerShell Plus features a powerful interactive console, an advanced script editor and debugger and a comprehensive interactive learning center all integrated into a single product.
This document discusses using PowerShell for penetration testing when standard tools and frameworks may not be usable due to network restrictions or lack of privileges. It provides an introduction to PowerShell and examples of how port scanning, downloading files, and other tasks could be accomplished using PowerShell scripts even in restricted environments. It also covers some of the security mechanisms in PowerShell like execution policies and how they can be bypassed to run unsigned scripts without prompts.
Better, Faster, Stronger! Boost Your Team-Based SharePoint Development Using ...Richard Calderon
In this session, I discuss and demonstrate how you can use SharePoint 2010 Web Templates and PowerShell scripts to give your team-based SharePoint development process a much needed productivity boost. Using these techniques, you enable your team to quickly test and review their custom components against your complete SharePoint solution while simultaneously eliminating inconsistencies often created by manual configurations.
By the end of this session, you will have learned:
How SharePoint web templates can be used to provision customized SharePoint sites
How to leverage PowerShell scripts to automate your custom site build and feature deployments
The key benefits of this approach for team-based SharePoint development
So stop wasting time and come see how you can help make your SharePoint team development better, faster, and stronger!
Managing Virtual Infrastructures With PowerShellguesta849bc8b
This document is a presentation about managing virtual infrastructures with Microsoft PowerShell. It introduces PowerShell and how it can be used to automate tasks and make administrators more efficient. It then demonstrates some basic PowerShell commands for virtualization tasks on platforms like VMware, Hyper-V, and Xen. More advanced topics and resources for learning more about PowerShell are also discussed.
The document discusses Powershell UI Automation, which allows automated testing of graphical user interfaces using Powershell scripts. It provides an overview of GUI testing tools before selecting Powershell UI Automation as the winner due to its advantages like being free, open-source, and using the known Powershell framework. It then covers how to install and use the tool via Powershell cmdlets to perform actions like getting windows and controls, invoking clicks and edits, and taking screenshots. Examples are provided and tips discussed for effective use.
This document provides an introduction to PowerShell, including what it is, its core components like cmdlets and objects, and how it can be used for automation and management. PowerShell combines a command-line shell and a scripting language that allows users to discover, query, and manipulate systems through a .NET object model. It includes cmdlets for common system tasks and can be extended with additional cmdlets. PowerShell is included with Windows 7/Server 2008 R2 and later or can be installed on earlier versions, and will be important for IT professionals to learn as it replaces traditional shells.
Incorporating PowerShell into your Arsenal with PS>Attackjaredhaight
Jared Haight presents on incorporating offensive PowerShell techniques. He introduces PS>Attack, a tool designed to emulate powershell.exe and provide over 110 commands for reconnaissance, privilege escalation, backdoors, and exfiltration. PS>Attack aims to lower the barrier to using offensive PowerShell by providing an intuitive interface and built-in payloads/modules. However, all versions of PS>Attack use the same encrypted files, making them easy for antivirus to detect. To address this, Jared created the PS>Attack BuildTool to allow custom compiling of PS>Attack with unique encryption and latest tool versions for each build. Basic Windows security practices like protecting privileged accounts and updating systems can also help mitigate PowerShell
Windows - Having Its Ass Kicked by Puppet and PowerShell Since 2012Puppet
Unix environments has fantastic tooling order to irridicate the need for manual server configuaration. Windows is completely behind in the use of these tools. PowerShell is now emerging as the tool for Windows admins to manage environments and deployments. Can PowerShell help to bring the devops culture to the Windows development world? In this session, I will demonstrate how PowerShell has become a tool necessary to know when working on a windows environment. The session will demonstrate how development environments can be built in a fraction of the time using Puppet and PowerShell. PowerShell is fast becoming a rockstar of the Windows configuration world. Since Puppet added support for Windows, we can really kick windows configuration management into submission
Paul Stack
Principal Software Developer, OpenTable
Paul Stack is a London based developer working on the .net technology stack. Paul has spoken at various events throughout the world as well as extensively in the UK about his passion for continuous integration and continuous delivery and why they should be part of what developers do on a day to day basis. He believes that reliably delivering software is just as important as its development. Paul's newest passion is the DevOps movement and how this helps not just development and operations but the entire business and it's customers.
This document provides an overview of PowerShell, including what it is, how it solves security issues with existing scripting languages, basic commands, how to get help in PowerShell, variables, operators, regular expressions, arrays, hash tables, XML handling, snap-ins, the PowerShell IDE, and resources for learning more about PowerShell.
Geek Sync | Using PowerShell with Python and SQL ServerIDERA Software
You can watch the replay for this Geek Sync webcast in the IDERA Resource Center: http://ow.ly/Mf3H50A5dMC
Just as PowerShell is argued as the main technology for automation in Windows Datacenters Infrastructure, it is equally important in other non-Windows Operating Systems. According to Maximo Trinidad, Windows Administrators have an advantage working with PowerShell just as Linux Administrators have an advantage with Bash / PHP / Python.
Join IDERA and Maximo Trinidad as he walks you through using PowerShell with both SQL Server and Python. This Geek Sync will be interactive and very demo intensive. Questions are encouraged!
About Maximo Trinidad: In Florida, Maximo is known as Mr. PowerShell. He is the founder of the Florida PowerShell User Group which meets on a monthly basis. Maximo is originally from Puerto Rico and has been working in the technology world since 1979. Over the years, he has worked with SQL Server Technologies, provided support to Windows Servers/Client machines, Microsoft Virtualization Technologies, and built some Visual Studio solutions. He has been a Microsoft PowerShell MVP since 2009 and MVP SAPIEN Technologies 2015. He speaks at many of the SQLSaturdays, IT Pro and .NET camps events around Florida.
This document summarizes a presentation given at the 5th meeting of the Romanian Powershell User Group on February 28th, 2017. The presentation introduced several methods for network mapping and discovery using Powershell, including ping sweeps, port scanning, querying active connections, reverse DNS lookups, and ARP scanning. Code examples were provided demonstrating how to perform these tasks with Powershell cmdlets, .NET classes, WMI, and Win32 APIs. The presentation concluded that Powershell allows non-privileged users to query local network information through various techniques and contacted the presenter for any additional questions.
Workshop: PowerShell for Penetration TestersNikhil Mittal
This document outlines a PowerShell workshop for penetration testers. It introduces PowerShell concepts like cmdlets, variables, functions, and modules. It demonstrates how PowerShell can be used offensively for client-side attacks, shells, domain enumeration, and privilege escalation during a penetration test. The document emphasizes that PowerShell has become a critical tool for both red and blue teams. It provides resources for further PowerShell training and penetration testing tools.
PowerShell 101 - What is it and Why should YOU Care!Thomas Lee
PowerShell 101 provides an overview of PowerShell, including what it is, how it works, and why it is important for Windows administrators. PowerShell is a task automation platform and scripting language that makes Windows administration easier. It uses cmdlets, objects, and the pipeline model where cmdlets produce and consume objects that can be piped between commands. PowerShell is built into Windows and provides discoverability through commands like Get-Help and Get-Member. It offers advantages over traditional shells like being faster, more repeatable, and reducing errors.
44CON London 2015 - Old Dog, New Tricks: Forensics With PowerShell44CON
This document discusses using PowerShell for digital forensics and incident response. It provides an overview of traditional forensic techniques like imaging and collection scripts. It then introduces PowerForensics, a PowerShell-based forensic toolkit that aims to provide a centralized, forensically sound, and operationally fast approach to live response. The document demonstrates PowerForensics by walking through the investigation of a mock incident where an internal system was compromised. It concludes by discussing future areas of development for PowerForensics and forensic tools more broadly.
This slideshow outlines 10 reasons why hackers use PowerShell to turn an operating system against itself and compromise entire networks without needing to install a single piece of software.
Возможности интерпретатора Python в NX-OSCisco Russia
The document discusses a webinar presented by Cisco TAC Engineer Anton Tugai about the capabilities of the Python interpreter in NX-OS. Some key points:
- Tugai gave a presentation on trends in Cisco SDN and current solutions.
- The webinar covered an introduction to Python, how Python is integrated into NX-OS, examples, and a demonstration.
- Native Python interpreter is available on Nexus switches starting from certain software versions, allowing Python scripts to run directly on the switch and execute CLI commands.
This document provides an introduction to the Python programming language. It discusses what Python is, what it can be used for, its syntax compared to other languages, how to get started with Python, variables, data types, numbers, and random numbers. Key points include that Python is an interpreted, multi-paradigm programming language used for web development, software development, mathematics, and more. It uses indentation rather than curly brackets and has a simple syntax. Variables do not require declaration, and Python has built-in data types like integers, floats, strings, lists, dictionaries, and more.
The document discusses new features in Visual Studio 2010 and .NET Framework 4.0, including an improved IDE, new language features in C# 4.0, and the Managed Extensibility Framework. It provides examples of using Parallel LINQ, named and optional parameters in C#, and asynchronous programming in F#.
This document provides an introduction to the Python programming language. It discusses what Python is, why it was created, its basic features and uses. Python is an interpreted, object-oriented programming language that is designed to be readable. It can be used for tasks such as web development, scientific computing, and scripting. The document also covers Python basics like variables, data types, operators, and input/output functions. It provides examples of Python code and discusses best practices for writing and running Python programs.
Introducing Language-Oriented Business Applications - Markus VoelterJAXLondon2014
The document introduces language-oriented business applications (LOBA) and language workbenches. LOBA uses domain-specific languages built with language workbenches to provide business users expressive tools for tasks like modeling core domain knowledge, business rules, and calculations. Examples of large LOBA systems are presented, demonstrating how language workbenches can be used to build languages tailored for different business domains. The benefits of LOBAs include improved productivity for business users and developers through features like syntax highlighting, auto-completion, and refactoring support provided by language workbenches.
Python is a high-level, interpreted, object-oriented programming language that is easy to learn and read. It has a broad standard library and is portable across platforms. The document discusses Python's features like being easy to maintain and extend. It then provides examples of basic Python syntax like print statements and describes a number guessing game project that uses conditionals to check if a user's guess is too high, too low, or correct compared to a randomly selected number.
The document provides guidelines for creating presentations using the Vbox7 template, including formatting instructions for fonts, logos, and saving presentations. It recommends embedding fonts, saving as a PDF, and not mixing templates. The template includes various slide elements like headlines, content splits, charts, tables, graphics, and gadgets for explaining projects. The last slide should include the company slogan and URL.
Jason Barr has over 15 years of experience in technical support, engineering, and programming roles. He is proficient in many programming languages including Perl, Ruby, Python, Java, and SQL. He has worked at several technology companies assisting customers and troubleshooting issues. His projects include automation scripts to assist with testing, monitoring, and customer support. He holds a law degree from Santa Clara University and bachelor's degree from UC Berkeley.
The document provides an introduction to PHP including:
- PHP basics like syntax, variables, operators, control structures
- How to work with forms, cookies, files, dates
- Creating functions
- Displaying dates in different formats
- Using arrays
- Server-side scripting alternatives like ASP, Java Servlets
- The goal is to provide enough knowledge to get started with PHP but not teach everything about it.
This is an end-to-end introduction to PowerShell, as an interactive shell but more as a scripting language. From the perspective of a full-stack developer, this presentation covers the basics and six of the common issues that occasional users run into.
This document provides an overview of programming terminology, languages, and factors to consider when hiring a developer. It defines terms like platform, framework, middleware, and full stack. It introduces popular languages like Java, C, C++, C#, PHP, Python, Ruby, JavaScript, and SQL. It also discusses unusual languages like Whitespace, LOLCODE, and Brainfuck. Finally, it lists qualities to look for in a developer like knowledge, efficiency, and communication skills, and provides common project FAQs.
What is Scala and how to functionally serve web content with Play! framework. It’s all about productively making correct and fast apps and to let you focus on the semantics. Success story of ditching PHP and going straight into functional web.
The document provides information on scripting languages and VBScript. It discusses the differences between compiled and scripting languages. Compiled languages are faster but require recompiling to change. Scripting languages are interpreted, slower but more portable and easier to change. VBScript is introduced as a scripting language created by Microsoft in response to JavaScript. It is designed to be easier to learn than Perl due to its similarities to Visual Basic. The document then covers VBScript basics like data types, operators, control structures and looping.
Language Server Protocol - Why the Hype?mikaelbarbero
The Language Server Protocol developed by Microsoft for Visual Studio Code is a language and IDE agnostic protocol which clearly separates language semantics from UI presentation. Language developers can implement the protocol and benefit from immediate support in all IDEs, while IDE developers, who implement the protocol get automatic support for all these languages without having to write any language-specific code. This session will let you learn more about the innards of the LSP. We will also have an overview of the current implementations in Eclipse, and outside Eclipse as well.
The document provides answers to 40 questions about PHP. It discusses topics like what PHP is, sessions, PEAR, cookies, error handling, object-oriented programming concepts in PHP, and how to interact with databases and send/receive data through GET and POST requests. Each question is followed by a short 1-3 sentence answer providing the key information about the topic. The document serves as a reference for common PHP questions and their essential answers.
This document provides an overview of Elasticsearch including:
- Elasticsearch is a database server that is implemented using RESTful HTTP/JSON and is easily scalable. It is based on Lucene.
- Features include being schema-free, real-time, easy to extend with plugins, automatic peer discovery in clusters, failover and replication, and community support.
- Terminology includes index, type, document, and field which make up the data structure inside Elasticsearch. Searches can be performed across multiple indices.
- Elasticsearch works using full-text searching via inverted indexing and analysis. Analysis extracts terms from text through techniques like removing stopwords, lowercase conversion, and stemming.
- Elasticsearch can be accessed in a RESTful manner
If you can write some code patch, it will be one of great ways for contributing open-sources. but, there is no way to contribute open-sources without writing code? I'd like to encourage doing translation, filing a bug and so on. This is a case study for that. Don't need anything else! Please join us and enjoy! :)
The document provides information about PHP including what it is, where it is used, why it is used, its power and capabilities, and how to install and run PHP code. PHP is introduced as a server-side scripting language designed for web development. It is used by many popular websites and content management systems. PHP code can be embedded into HTML and is commonly used as a server-side language. Basic instructions are provided on installing PHP and running a "Hello World" PHP program. An overview of PHP syntax, variables, constants, and strings is also given.
Similar to Practical PowerShell Programming for Professional People - Extended Edition (20)
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Practical PowerShell Programming for Professional People - Extended Edition
1. Practical PowerShell Programming
for
Professional People
Ben Ten
(@Ben0xA)
Slides: http://www.slideshare.net/BenTen0xA
BSidesDFW 2014
2. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
About Me
Ben Ten (0xA)
@Ben0xA - twitter
Chicago - #burbsec
Security Consultant
Developer
PoshSec Framework Developer / Creator
Gamer
Geek
7. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Overview
●Languages and Development
●PowerShell Scripting
●PowerShell Modules
●ActiveDirectory
●Resources
●Q&A
}
} 2nd Hour
1st Hour
8. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Overview
Feel free to interrupt and ask questions!
9. Languages and Development
Before we begin, a bit of a primer!
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
●Styles of Coding
●Syntax
●Getting Help
●Starting Out
10. Languages and Development
Styles of Coding/Scripting/Development
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
●Novice
●Avid Scripter
●Full Time Developer
●Code Monkey
11. Languages and Development
Styles of Coding/Scripting/Development
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
●Novice
●Avid Scripter
●Full Time Developer
●Code Monkey
12. Languages and Development
Syntax
syn•tax (sĭnˈtăksˌ) – the rules that govern
how a script, or program, is developed in a
given language.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
13. Languages and Development
Syntax
White Space, parens (), commas, periods,
quotes (“ vs '), tabs, braces [], curly
brackets {}, colons :, semi-colons ;, all play
an integral part in the syntax of a
language!
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
14. Languages and Development
Getting Help!
RTF Manual/Docs/Reference
Often times, the documentation will have
an answer for what you are trying to
accomplish. *NOT ALWAYS THOUGH*
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
15. Languages and Development
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Getting Help!
Interactive Help
● ?
●F1
●Intellisense (Ctrl+Space)
●Get-Help
16. Languages and Development
Getting Help!
Search Engines FTW!
Google is not the end all in searches. For
Development I prefer DuckDuckGo!
https://duckduckgo.com
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
17. Languages and Development
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
18. PowerShell
Overview
PowerShell is a task automation and
configuration management framework
from Microsoft, consisting of a command-line
shell and associated scripting
language built on the .NET Framework.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
19. PowerShell
Overview
PowerShell was designed by :
● Jeffrey Snover (@jsnover)
●Bruce Payette (@BrucePayette)
● James Truher
Initial release was November 14, 2006
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
20. PowerShell
Overview
PowerShell is a part of the Windows
Management Framework. WMF 5.0 was
released on April 3, 2014.
For today's scripting we will be using WMF
3.0.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
21. PowerShell
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
You will need:
●Windows Management Framework 3.0
●Microsoft .NET Framework 4.5
●Text Editor (your choice)
●Sublime Text http://www.sublimetext.com/
●Komodo Edit http://komodoide.com/komodo-edit/
●PowerShell ISE (comes with WMF)
22. PowerShell
File Name Extensions
.ps1 – Script Files
.psm1 – Script Module Files
.psd1 – Script Manifest Files
.ps1xml – Formatting and Type Files
.dll - Cmdlet and Provider Assemblies
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
23. PowerShell
File Name Extensions
.ps1 – Script Files
.psm1 – Script Module Files
.psd1 – Script Manifest Files
.ps1xml – Formatting and Type Files
.dll - Cmdlet and Provider Assemblies
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
24. PowerShell
Cmdlets, Functions, and Scripts Oh My!
From a functional standpoint, cmdlets,
functions, and scripts are practically the
same.
They are a way to call a specific block of
code.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
25. PowerShell
Cmdlet:
Written in a compiled .NET language.
Easier to deploy.
Help files are easier to write.
Has support for parameter validation.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
26. PowerShell
Function:
Written in a PowerShell language.
Has to be deployed with a library.
Help is written inside the function.
Parameter validation has to be done in the
function itself.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
27. PowerShell
Script:
Written in a PowerShell language.
Is invoked by calling the .ps1 file.
Deployed by itself or in a manifest file.
Can contain functions.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
28. PowerShell
Set-ExecutionPolicy
Before you can run your custom scripts
you have to set the ExecutionPolicy to
RemoteSigned.
In PowerShell type:
Set-ExecutionPolicy RemoteSigned
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
30. PowerShell
HelloWorld.ps1
Enough of the primer! Let's get coding!
This is where you code along with me if
you can!
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
34. HelloWorld.ps1
Variable(s):
a symbolic name associated with a value
and whose associated value may be
changed.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
35. HelloWorld.ps1
Hard-Coded:
Typing the value directly into your script.
Our “Hello World” text was hard-coded.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
36. HelloWorld.ps1
PowerShell Variables:
A PowerShell variable is defined with the
dollar sign $ followed by the name of the
variable.
For example: $message is a variable.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
37. HelloWorld.ps1
PowerShell Variables:
Let's rewrite our HelloWorld.ps1 to use a
variable $message with our text “Hello
World”.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
42. HelloWorld.ps1
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Strong vs Weak Typing:
$a = 1 weak type
[int]$a = 1 strong type
[String]$a = “1”
46. HelloWorld.ps1
Quotes! Single vs Double
Double Quotes (“) will attempt to resolve
any variables before anything is printed to
the screen.
Single Quotes (') will print exactly what is
typed between the quotes.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
51. HelloWorld.ps1
Backtick `
The backtick, or grave accent, is a special
escape character. This means that you
want the next character to be printed and
not interpreted in anyway.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
56. Getting Input
Write-Output is great. But how do you get
information from a user?
Read-Host
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
57. Getting Input
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
58. Getting Input
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
59. Conditional Logic
A Condition is:
a feature of a programming language
which perform a different set of
computations or actions depending on
whether a programmer-specified boolean
condition evaluates to true or false.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
60. Conditional Logic
A Condition is:
Is the stop light is green? Keep going.
Is the stop light is red? Stop.
Is the stop light is yellow? Floor it!!!!
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
61. Conditional Logic
A Condition expressed:
● If - Beginning of the condition.
●Else - Evaluates only if preceding condition(s)
is(are) false.
●ElseIf – Evaluates if preceding condition(s)
is(are) false with a new condition.
●Switch – Multiple conditions for a single
variable or object.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
62. Conditional Logic
A Conditional Operator:
-and = both conditions must be true.
-or = only one of the conditions must be
true.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
63. Conditional Logic
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
A Conditional Operator:
-eq = Equals
-lt = Less Than
-gt = Greater Than
-ne = Not Equal
-ge = Great Than or Equal
-le = Less Than or Equal
64. Conditional Logic
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
A Conditional Operator:
-Like
-NotLike
-Match
-NotMatch
-Contains
-NotContains
-In
-NotIn
-Replace
67. Conditional Logic
Operator Precedence:
When operators have equal precedence,
Windows PowerShell evaluates them from
left to right. The exceptions are the
assignment operators, the cast operators,
and the negation operators (!, -not, -bnot),
which are evaluated from right to left.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
68. Conditional Logic
Operator Precedence:
You can use enclosures, such as
parentheses, to override the standard
precedence order and force Windows
PowerShell to evaluate the enclosed part
of an expression before an unenclosed
part.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
73. Parameters
A Parameter is:
A variable that allows you to pass an
object to a Cmdlet, Function, or Script.
Get-ChildItem
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
78. Objects vs Text
PowerShell is Object Based.
Even if you see text on the screen, that
text is actually a “String” object.
You can access the members of the object
using the . operator after the variable
name.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
79. Objects vs Text
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
80. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Piping
Piping is:
a way of moving something, unchanged,
from one place to another.
81. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Piping
Piping is represented by the | (pipe)
character.
A pipe takes the object from the left side
and passes it to the right side.
Note: When passing to another cmdlet, $_
is used to reference the passed object.
82. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Piping
83. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Loops
Loops:
A way to perform the same block of code
for a specific number of times, until a
specific condition is met, or while a
specific condition exists.
84. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Loops
Loops:
●ForEach
●ForEach-Object
●For
●While
●Do While
●Do Until
85. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Loops
86. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Loops
87. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Loops
88. Comments
Comments are defined by the # symbol.
Block comments are enclosed with <# and
#>.
.SYNOPSIS
.DESCRIPTION
.PARAMETER
.EXAMPLE
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
89. Comments
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
90. Putting it all Together
The final script!
Requirements:
●Search all files.
●Find the ones that were modified in a
specific date range.
●Create a list of those files and display
them.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
91. Short Break!
Be back in 10 minutes!
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
92. Add Parameters for Date
Use Param () block to Add Parameters.
Get-Help about_Parameters
Param(
[Parameter(Mandatory=$true)]
[Date]$FromDate,
)
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
93. Add Parameters for Date
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
94. Add Parameters for Date
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
95. Add Parameters for Date
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
96. Add Parameters for Date
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
97. PowerShell
File Name Extensions
.ps1 – Script Files
.psm1 – Script Module Files
.psd1 – Script Manifest Files
.ps1xml – Formatting and Type Files
.dll - Cmdlet and Provider Assemblies
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
98. PowerShell
File Name Extensions
.ps1 – Script Files
.psm1 – Script Module Files
.psd1 – Script Manifest Files
.ps1xml – Formatting and Type Files
.dll - Cmdlet and Provider Assemblies
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
103. Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Module
Making Changes to Modules
●Must use -Force parameter when using
Import-Module for a module that is
already loaded into the session.
105. Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Module
Note on Compiled Modules (DLLs)
●You can not import a compiled module in
an active PowerShell RunSpace after it
was already imported.
●You have to close the RunSpace and open
it again.
106. Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
File I/O
Get-Content <filename>
●Export-CliXML, Export-Csv, Export-
FormatData
●Out-File, Out-Csv, Out-Data
107. Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
File I/O
Let's create a script that will read each line
of a CSV file, and write out only the first
delimited column.
108. ActiveDirectory
ActiveDirectory PowerShell Module
●Available in the RSAT
●Comes Standard on Server (2008, 2012)
●Windows 8 Note: Must use pkgmgr to
install the .cab file.
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
111. ActiveDirectory
Yes, you can do this the hard way...
Here's an example.
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
112. ActiveDirectory
But why do it the hard way?
Get-Command -Module ActiveDirectory
135 Commands!
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
114. ActiveDirectory
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Get-AdUser
●Query the domain controller.
●Get-Help Get-AdUser
116. ActiveDirectory
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
New-ADUser
●Adds a new user to the domain.
●Disabled by default!
119. ActiveDirectory
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
New-ADUser
●We can add a user with very few
parameters, but that user is not “usable”.
●Need -DisplayName -SAMAccountName
121. ActiveDirectory
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Remove-ADUser
●Uses the DN to remove the specified user.
●Remove-ADUser “CN=Ben
Ten,CN=Users,DC=dfw,DC=local”
122. Final Script
Take what you have learned and write a
PowerShell Function called Import-Users
●Imports Users from csv file Users.txt
●Must force Password Reset
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
123. Error Handling
Try / Catch / Finally Blocks are used to
catch exceptions.
Try {
}
Catch [Type] {
}
Finally {
}
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
124. Error Handling
ErrorVariable / ErrorAction are also used
but in a different way.
Get-Help about_CommonParameters
Do-Something -ErrorVariable $err
-ErrorAction [Continue | Ignore | Inquire |
SilentlyContinue | Stop]
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
125. Homework
Go back to your Import-User function. Add
Error Handling for when:
1. The DC is not responding.
2. The line you are trying to import is not
delimited correctly.
3. The user already exists.
Practical PowerShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
126. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Pitfalls
Don't overuse the Pipe! Not everything has
to be done in a single line.
It's more important that you understand
the code before you try to condense it to a
single line.
127. Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
Pitfalls
With Loops, start small then open the
valve all the way!
You can get more than you wanted, or get
stuck in an endless loop.
Especially true when doing File operations!
128. Resources
Freenode (irc.freenode.net)
#PowerShell, #pssec, #poshsec channels.
Learn Windows PowerShell in a Month of
Lunches ~ Don Jones
Carlos Perez – PowerShell Workshop at
BSidesDFW.
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
129. Resources
PoshSec – https://github.com/PoshSec
PoshSec Framework
PowerSploit –
https://github.com/mattifestation/
Posh-SecMod –
https://github.com/DarkOperator/
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
132. Matt Johnson (mwjcomputing)
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
133. Follow these People!
@mwjcomputing
@securitymoey
@jaysonstreet
@BSidesDFW
@tonikjdk
@darkoperator
@mattifestation
@obscuresec
@harmj0y
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
134. Contact - Q&A
Ben Ten (0xA)
@Ben0xA - twitter
http://ben0xa.com
https://poshsec.org
web@ben0xa.com
Ben0xA – LinkedIn, Github, keybase, etc.
irc.freenode.net
#burbsec, #poshsec, #pssec
http://www.slideshare.net/BenTen0xA
QUESTIONS?!
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
135. Thank You!
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)
136. Thank You!
Practical Powe rShell Programming for Professional People
BSidesDFW - Ben Ten (@Ben0xA)