PowerHuntShares.psm1

Disable antivirus

Set-MpPreference -DisableRealtimeMonitoring $true

Note: this doesn't seem to work in Windows 11, even after disabling tamper protection. So you might just want to disable active protection in the GUI.

Import the PHS module

Import-Module .\PowerHuntShares.psm1

Run the collection and save to a folder called DUMPDIR

Invoke-HuntSMBShares -runspacetimeout 10 -Threads 100 -OutputDirectory DUMPDIR

Disable antivirus​

Import the PHS module​

Run the collection and save to a folder called DUMPDIR​

Disable antivirus

Import the PHS module

Run the collection and save to a folder called DUMPDIR