/styles.css #mainSkip to content
//assets/t2t-logo.pngTech2Trust

PowerShell

Network helpers and VirusTotal utilities.

Network: quick refs

“ipconfig /all” equivalent:

Get-NetIPConfiguration

Ping / test connectivity:

Test-Connection
Test-NetConnection

Resolve DNS name:

Resolve-DnsName

Change DNS server (example):

Set-DnsClientServerAddress -InterfaceAlias "vEthernet (IsolatedInternal)" -ServerAddresses ("192.168.1.1", "192.168.1.2")
Resolve DNS names from a list of IPs 
$ips = @("8.8.8.8", "8.8.4.4", "1.1.1.1")
foreach ($ip in $ips) {
    $result = Resolve-DnsName -Name $ip
    $result | ForEach-Object {
        [PSCustomObject]@{
            IPAddress = $ip
            NameHost  = $_.NameHost
        }
    }
}
Resolve IPs from a list of domains 
$hostnames = @("example.com", "google.com", "microsoft.com")
foreach ($hostname in $hostnames) {
    $result = Resolve-DnsName -Name $hostname
    $result | Select-Object -Property Name, IPAddress
}
VirusTotal: domains from IPs (API v2) 
# Define your VirusTotal API key
$apiKey = "YOUR_API_KEY"

# Define the list of IP addresses
$ipAddresses = @("8.8.8.8", "8.8.4.4", "1.1.1.1")

function Get-AssociatedDomains {
    param ([string]$ip,[string]$apiKey)
    $url = "https://www.virustotal.com/vtapi/v2/ip-address/report?apikey=$apiKey&ip=$ip"
    $response = Invoke-RestMethod -Uri $url -Method Get
    return $response.resolutions | Select-Object -Property hostname
}

$results = @()
foreach ($ip in $ipAddresses) {
    $domains = Get-AssociatedDomains -ip $ip -apiKey $apiKey
    $domains | ForEach-Object {
        $results += [PSCustomObject]@{ IPAddress = $ip; Domain = $_.hostname }
    }
}

$results | Export-Csv -Path "associated_domains_results.csv" -NoTypeInformation
Write-Host "Results have been written to associated_domains_results.csv"
VirusTotal: subdomain discovery 
# Define your VirusTotal API key
$apiKey = "VirusTotal API Key"

# Define the domains for subdomain discovery
$domainsForSubdomainDiscovery = @("example.com", "anotherdomain.com")

# Define other domains that do not need subdomain discovery
$otherDomains = @("yetanotherdomain.com", "somedomain.com")

function Get-Subdomains {
    param ([string]$domain,[string]$apiKey)
    $url = "https://www.virustotal.com/vtapi/v2/domain/report?apikey=$apiKey&domain=$domain"
    $response = Invoke-RestMethod -Uri $url -Method Get
    return $response.subdomains
}

function Resolve-IP {
    param ([string]$domain)
    $result = Resolve-DnsName -Name $domain
    return $result | Select-Object -Property Name, IPAddress
}

$results = @()
foreach ($domain in $domainsForSubdomainDiscovery) {
    $subdomains = Get-Subdomains -domain $domain -apiKey $apiKey
    $allDomains = $subdomains + $domain
    foreach ($subdomain in $allDomains) {
        $ips = Resolve-IP -domain $subdomain
        $ips | ForEach-Object {
            $results += [PSCustomObject]@{ Domain = $subdomain; IPAddress = $_.IPAddress }
        }
    }
}
foreach ($domain in $otherDomains) {
    $ips = Resolve-IP -domain $domain
    $ips | ForEach-Object {
        $results += [PSCustomObject]@{ Domain = $domain; IPAddress = $_.IPAddress }
    }
}

$results | Export-Csv -Path "dns_resolution_results.csv" -NoTypeInformation
Write-Host "Results have been written to dns_resolution_results.csv"
/assets/site.js