This is a quick and dirty function for preventing SQL Injection, the function is designed to clean any variable that will be concatenated into an SQL query. Apostrophes and Double-Quotes are changed to entities in order to ensure that encoding does not become an issue when the content is pulled back into a page. I'm looking for criticism here, I want to know if this is secure or not.

Change wins settings for all nics

Builds a batch file to create hidden shares for a bunch of sub-directories (eg, User shares)

Send a Mail using Lotus Notes

convert WMI, date - time values

find external IP and external hostname with vbscript

List all services of a remote compute

Get all the properties of active directory

Get Bios info from wmi enabled machines

Kill a running program on a wmi enabled compute