PowerShell
Team Viewer Silent Install and Configuration
· β˜• 3 min read
In order to make a recent Bash Bunny payload, I needed to investigate how to install and configure Team Viewer without user interaction. This post will go through how I achieved that. My TeamViewer configuration was focussed around setting a personal password (a static password that can be used to access the computer) and installing TeamViewer as a service so the computer can be remotely controlled without a user being active.

Remove MS Store Apps Utility
· β˜• 5 min read
Customisable Windows 10/11 Microsoft Store App removal utility, previously known as Remove-Win10-Apps Remove MS Store Apps Utility can also be downloaded from: The Microsoft PowerShell Gallery GitHub Please consider supporting my work: Sign up using Patreon. Support with a one-time donation using PayPal. If you’d like to contact me, please leave a comment, send me a tweet or DM, or you can join my Discord server.

Bash Bunny Payload: Garfield steals passwords with LaZagne
· β˜• 4 min read
The Bash Bunny is a USB attack platform developed by Hak5 a security research group. It’s a device that looks like a USB memory stick, except it is a small computer running a Debian based Linux OS with a desktop class SSD and a quad core ARM processor. It can be configured to be a HID (Human Interface Device), storage device, serial device and USB based network adaptor in order to carry out automated tasks on a computer.

Bash Bunny Primer
· β˜• 7 min read
The Bash Bunny is a USB attack platform developed by Hak5 a security research group specialising in the development of network/system penetration testing tools and educational content. If you’d like to find out more information, you can find them here: Twitter | YouTube | Hak5.org The Bash Bunny is an excellent pentesting tool. It looks like a chunky USB memory stick, however it’s really a SoC running a quad-core ARM processor running a Debian based Linux OS with a desktop class SSD for storage.

Deploying A Windows 10 1909 November 2019 Update (19H2) Reference Image with MDT
· β˜• 15 min read
2019-11-12: Microsoft have confirmed on Twitter that there will be no updated ADK for Windows 10 1909, so keep using ADK 1903 with the fix as noted below. 2019-10-05: At the time of writing there is no ADK for Windows 10 1909 November 2019 Update (19H2), so I’ve tested this walkthrough using the ADK for Windows 10 1903 with the hotfix for Windows System Image Manager. I’ll keep these pages up to date when Windows 10 1909 is officially released.

Building A Windows 10 1909 November 2019 Update (19H2) Reference Image with MDT
· β˜• 11 min read
2019-11-12: Microsoft have confirmed on Twitter that there will be no updated ADK for Windows 10 1909, so keep using ADK 1903 with the fix as noted below. 2019-10-05: At the time of writing there is no ADK for Windows 10 1909 November 2019 Update (19H2), so I’ve tested this walkthrough using the ADK for Windows 10 1903 with the hotfix for Windows System Image Manager. I’ll keep these pages up to date when Windows 10 1909 is officially released.

Network Device Status Monitor (NDSM) Update v2.0
· β˜• 1 min read
Download it from GitHub, the Microsoft TechNet Gallery and the PowerShell Gallery. Big update to Network Device Status Monitor (NDSM) utility. Changes in 2.0 Added Microsoft Teams as an output location using a webhook. Here’s a walkthrough on how to create a webhook for your Teams instance. MS teams is limited to 10 devices. Not sure if it’s a Teams/webhook limit, or my code. Will investigate. Fixed bug where all devices are offline, a phantom device is added to the bottom of the offline list.

Quick PoSH: User Logon Auditing
· β˜• 1 min read
Here’s a quick and dirty user logon/logoff auditing script that has been helpful in educational institutions. The script is available to download from GitHub. Usage Open the Group Policy Object at the top most level of your domain(s) and add the script to the PowerShell scripts area. On log on, add the -logon parameter, and on log off add the -logoff parameter. Create a hidden share somewhere on your network, and give ‘Authenticated Users’ Full Control share and file permissions.

Office Update Utility
· β˜• 4 min read
Office Update Manager Office Update Utility can also be downloaded from: GitHub The Microsoft PowerShell Gallery If you would like to support me, please check out the links below. Thank you! Patreon Ko-fi PayPal If you’d like to contact me, please leave a comment, send me a tweet, or you can join the community on Discord. -Mike Features and Requirements This utility will check for and download update files for Office 365 and Office 2019.

Hyper-V Virtual Machine Backup Utility - Update v4.4
· β˜• 1 min read
Download it from the Microsoft TechNet Gallery the PowerShell Gallery and GitHub. Today I’ve released a minor update to my Hyper-V Backup Utility. In version 4.4 I’ve added more feedback when the script is used interactively. Whether you are running Hyper-V on a Windows 10 desktop or a Windows Server 2016 cluster, this utility can be used to backup your virtual machines. My original post with the full documentation is available here.

Removing Built-in Apps from Windows 10 1903
· β˜• 1 min read
I’ve updated my previous post on removing the built-in apps from Windows 10 to reflect the minor changes in the Windows 10 1903 May 2019 Update. You can find that post here, or under the Windows Deployment menu at the top of the page, and click on 1903 May 2019 Update (19H1). If you’d like to contact me, please leave a comment, send me a tweet or DM, or you can join my Discord server.

Deploying A Windows 10 1903 May 2019 Update (19H1) Reference Image with MDT
· β˜• 14 min read
Current Known Issue: With the Windows 10 1903 ADK on 64-bit, the Windows System Image Manager (WSIM) will fail to generate a catalogue. Microsoft has issued a fix which you can download here. The fix contains two updated files, ImageCat.exe and ImgMgr.exe which need to be copied to the location the ADK is installed. By default the location is: C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\WSIM. After installation you will still not be able to access the WSIM through MDT, but launching WSIM manually and then opening the install.

Building A Windows 10 1903 May 2019 Update (19H1) Reference Image with MDT
· β˜• 11 min read
Current Known Issue: With the Windows 10 1903 ADK on 64-bit, the Windows System Image Manager (WSIM) will fail to generate a catalogue. Microsoft has issued a fix which you can download here. The fix contains two updated files, ImageCat.exe and ImgMgr.exe which need to be copied to the location the ADK is installed. By default the location is: C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\WSIM. After installation you will still not be able to access the WSIM through MDT, but launching WSIM manually and then opening the install.