Building PoshCAT Part 2 – Adding your own custom functions

Last week I showed how you can create different Client Actions lists for different support groups in your organization and in this post I will show how you can add/create your own custom functions for PoshCAT

So let’s assume that you would like to query applied Computer Group Policy objects. If you want that your custom function returns some kind of information, then it must return PSObject.

Here is the function that I use in this example. This function queries only applied/enabled policies

 1 Function Get-ComputerAppliedPolicies
 2 {
 3     $GPOPolicies = @()
 4     $GPOQuery = Get-WmiObject -Namespace "ROOT\RSOP\Computer" -Class RSOP_GPLink -Filter "AppliedOrder <> 0"| ForEach-Object {$_.GPO.ToString().Replace("RSOP_GPO.","")}
 5         foreach($GP in $GPOQuery){
 6             $AppliedPolicy = Get-WmiObject -Namespace "ROOT\RSOP\Computer" -Class RSOP_GPO -Filter $GP
 7                 $DObject = New-Object PSObject
 8                 $DObject | Add-Member -MemberType NoteProperty -Name "ComputerName" -Value $env:ComputerName
 9                 $DObject | Add-Member -MemberType NoteProperty -Name "Name" -Value $AppliedPolicy.Name
10                 $DObject | Add-Member -MemberType NoteProperty -Name "GuidName" -Value $AppliedPolicy.GuidName
11                 $DObject | Add-Member -MemberType NoteProperty -Name "ID" -Value $AppliedPolicy.ID
12                 $GPOPolicies += $DObject
13         }
14     $GPOPolicies
15 }

This function creates the following output

To add this function to PoshCAT

1. Open WorkerFunctions.ps1 file with PowerShell ISE and copy the Get-ComputerAppliedPolicies function to custom functions section

2. Save the WorkerFunctions.ps1 file

3. Open Commands.XML file and add the following line

4. Save the Commands.XML file

5. Start PoshCAT

If you have followed all the steps correctly you should see the command in PoshCAT

This custom function creates following output

Enjoy!