Finding Processes

Sample_Processes

Synopsis: Find a sample process for each logged in user
Mandatory Parameters: -
Optional Parameters: -
Examples:
(Tokens) > Sample_Processes
P/Invokes: OpenProcess, OpenProcessToken, CloseHandle, GetTokenInformation, GetTokenInformation

Sample_Processes_WMI

Synopsis: Find a sample process for each logged in user via WMI
Mandatory Parameters: -
Optional Parameters: -
Examples:
(Tokens) > Sample_Processes_WMI
P/Invokes: -

Find_User_Processes

Synopsis: Find all processes associated with a user
Mandatory Parameters: Username
Optional Parameters: -
Examples:
(Tokens) > Find_User_Processes domain\user
P/Invokes: OpenProcess, OpenProcessToken, CloseHandle, GetTokenInformation, GetTokenInformation

Find_User_Processes_WMI

Synopsis: Find all processes associated with a user via WMI
Mandatory Parameters: Username
Optional Parameters: -
Examples:
(Tokens) > Find_User_Processes_WMI domain\user
P/Invokes: -

Sessions

Synopsis: List all desktop sessions, i.e. current interactive users
Parameters: -
Optional Parameters: -
Examples:
(Tokens) > Sessions
P/Invokes: WTSEnumerateSessions, WTSQuerySessionInformationW

Provide feedback

Saved searches