Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function Get-TCPConnections {
- $RawConnections = Get-NetTCPConnection
- $Connections = $()
- foreach($rawConnection in $RawConnections)
- {
- if($rawConnection.RemoteAddress -eq "0.0.0.0" -or $rawConnection.RemoteAddress -eq "127.0.0.1" -or $rawConnection.RemoteAddress -eq "::")
- {
- continue;
- }
- $Process = Get-Process -Id $rawConnection.OwningProcess
- $Url = "http://ip-api.com/json/" + $rawConnection.RemoteAddress
- $Details = Invoke-RestMethod -Method Get -Uri $Url
- [PsCustomObject]@{
- ProcessId = $Process.Id;
- ProcessName = $Process.ProcessName;
- HandleCount = $Process.Handles;
- LocalAddress = $rawConnection.LocalAddress;
- RemoteAddress = $rawConnection.RemoteAddress;
- LocalPort = $rawConnection.LocalPort;
- RemotePort= $rawConnection.RemotePort;
- State = $rawConnection.State;
- OffloadState = $rawConnection.OffloadState;
- InstanceID = $rawConnection.InstanceID;
- CreationTime = $rawConnection.CreationTime;
- PSComputerName = $rawConnection.PSComputerName;
- Name = $rawConnection.Name;
- Caption = $rawConnection.Caption;
- Description = $rawConnection.Description;
- CountryCode = $Details.countryCode;
- Country = $Details.country;
- Region = $Details.region;
- RegionName = $Details.regionName;
- City = $Details.city;
- Zip = $Details.zip;
- Latitude = $Details.lat;
- Longitude = $Details.lon;
- Timezone = $Details.timezone;
- ISP = $Details.isp;
- Org = $Details.org;
- As = $Details.as;
- Query = $Details.query;
- }
- }
- }
- $Connections = Get-TCPConnections
- $Connections
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
