Microsoft-Extractor-Suite.psm1
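# Module start-up: runs once when the module is imported.

# Opt in to TLS 1.2 and TLS 1.3 for connections made through ServicePointManager.
# A runtime that does not define the Tls13 enum value rejects the combined
# string and leaves the protocol setting untouched, so fall back to TLS 1.2
# explicitly instead of silently keeping whatever the runtime default is.
try {
    [Net.ServicePointManager]::SecurityProtocol = "Tls12, Tls13"
}
catch {
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
}

# The module version comes from the manifest shipped next to this file and is
# only used for the console window title.
$manifest = Import-PowerShellDataFile "$PSScriptRoot\Microsoft-Extractor-Suite.psd1"
$version = $manifest.ModuleVersion
$host.ui.RawUI.WindowTitle = "Microsoft-Extractor-Suite $version"

# Banner printed on import.
$logo = @"
+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+
|M|i|c|r|o|s|o|f|t| |E|x|t|r|a|c|t|o|r| |S|u|i|t|e|
+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+
Copyright (c) 2023 Invictus Incident Response
Created by Joey Rentenaar & Korstiaan Stam
"@
Write-Host $logo -ForegroundColor Yellow

# Make sure the output folder exists. The name is relative, so the folder is
# created under the current location at import time.
# NOTE(review): the log path "Output\LogFile.txt" used by Write-LogFile is
# relative as well and is resolved when each line is written; presumably the
# module is always used from one working directory - confirm.
$outputDir = "Output"
if (!(Test-Path $outputDir)) {
    New-Item -ItemType Directory -Force -Name $outputDir | Out-Null
}

# Initialised here; not referenced in the visible part of this file.
$retryCount = 0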
Function StartDate
{
    # Resolves the start of the acquisition window into $script:StartDate.
    #
    # The function declares no parameters: $startDate is read through normal
    # PowerShell scope lookup (presumably the calling cmdlet's -StartDate
    # value; verify against callers).
    #   - empty or $null input -> now (UTC) minus 90 days, logged as [INFO]
    #   - anything else        -> converted with -as [datetime]; a failed
    #                             conversion leaves $script:StartDate at $null
    #                             and logs a [WARNING]. Nothing is thrown, so
    #                             callers have to check the value themselves.
    $noStartGiven = ($null -eq $startDate) -Or ($startDate -eq "")

    if (-not $noStartGiven) {
        $script:startDate = $startDate -as [datetime]
        if (-not $script:startDate) {
            write-LogFile -Message "[WARNING] Not A valid start date and time, make sure to use YYYY-MM-DD" -Color "Red"
        }
        return
    }

    # Default window: the last 90 days, expressed in UTC.
    $script:StartDate = [datetime]::Now.ToUniversalTime().AddDays(-90)
    $defaultStamp = $script:StartDate.ToString("yyyy-MM-ddTHH:mm:ssK")
    write-LogFile -Message "[INFO] No start date provived by user setting the start date to: $defaultStamp" -Color "Yellow"
}
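function EndDate
{
    # Resolves the end of the acquisition window into $script:EndDate.
    #
    # The function declares no parameters: $endDate is read through normal
    # PowerShell scope lookup (presumably the calling cmdlet's -EndDate value;
    # verify against callers).
    #   - empty or $null input -> now (UTC), logged as [INFO]
    #   - anything else        -> converted with -as [datetime]; a failed
    #                             conversion leaves $script:EndDate at $null
    #                             and logs a [WARNING]. Nothing is thrown, so
    #                             callers have to check the value themselves.
    if (($endDate -eq "") -Or ($null -eq $endDate)) {
        $script:EndDate = [datetime]::Now.ToUniversalTime()
        write-LogFile -Message "[INFO] No end date provived by user setting the end date to: $($script:EndDate.ToString("yyyy-MM-ddTHH:mm:ssK"))" -Color "Yellow"
    }
    else {
        $script:endDate = $endDate -as [datetime]
        # Check the converted value, as StartDate does. Testing the raw
        # $endDate here can never fire when the caller holds its own $endDate:
        # that input is already known to be non-empty in this branch, so an
        # unparseable end date went unreported and the window end stayed $null.
        if (!$script:endDate) {
            write-LogFile -Message "[WARNING] Not A valid end date and time, make sure to use YYYY-MM-DD" -Color "Red"
        }
    }
}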
# Relative path of the run log; it is resolved against the current location
# every time a line is appended.
$logFile = "Output\LogFile.txt"

function Write-LogFile([String]$message,$color)
{
    # Prints $message to the console and appends it, prefixed with a
    # timestamp, to the file named by $LogFile.
    #
    #   $message - text to show and record
    #   $color   - "Yellow", "Red" or "Green" selects the console colour; any
    #              other value (or none) prints in the default colour. The
    #              colour is not written to the log file.

    # Same three comparisons, in the same order, as an if/elseif chain.
    $consoleColor = $null
    foreach ($candidate in "Yellow", "Red", "Green") {
        if ($color -eq $candidate) {
            $consoleColor = $candidate
            break
        }
    }

    if ($consoleColor) {
        Write-host $message -ForegroundColor $consoleColor
    }
    else {
        Write-host $message
    }

    # NOTE(review): the timestamp is local time in the current culture's
    # default format and carries no offset, while the date helpers in this
    # file work in UTC. A UTC ISO 8601 stamp would be easier to correlate in
    # an acquisition log, but it changes the log format, so it is left as is.
    $stamp = [DateTime]::Now.ToString()
    $logToWrite = $stamp + ": " + $message
    $logToWrite | Out-File $LogFile -Append
}