• Stars
    star
    1
  • Language
    PowerShell
  • Created almost 4 years ago
  • Updated over 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Searches for a supplied list of SHA1 or SHA256 hashes on a system. Requires either a file size or creation date that is associated with the binary that the hashes were retrieved from.

More Repositories

1

PoSh-R2

PowerShell - Rapid Response... For the incident responder in you!
PowerShell
290
star
2

PowerShell

A series of scripts
PowerShell
93
star
3

Invoke-HiveNightmare

PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10 version 1809 or newer
PowerShell
35
star
4

AutomatedProfiler

Automated forensics written in PowerShell
Perl
32
star
5

Group_Policy

A series of GPO templates
18
star
6

BlueSpectrum

An IOC framework written in PowerShell
PowerShell
16
star
7

Anydesk_Forensics

PowerShell
12
star
8

Invoke-SRUMDump

A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.
PowerShell
12
star
9

Invoke-Fail2Ban

PowerShell version of Fail2Ban
PowerShell
11
star
10

TeamViewer_Forensics

A series of functions to parse Teamviewer logs to answer specific questions
PowerShell
9
star
11

EIF_Parser

Evil Inject Finder Remote Capability and Parser
PowerShell
9
star
12

McAfee_ePO

Custom Queries, Dashboards, and HIPs Rules
9
star
13

PoSh-R2_GUI

GUI version of PoSh-R2
PowerShell
9
star
14

Hunters_Hub

Custom Splunk App
CSS
7
star
15

Invoke-AZExplorer

Microsoft Azure Survey
PowerShell
7
star
16

Invoke-GhostLog

Removal of certain event logs within a Windows OS
PowerShell
7
star
17

Invoke-Unbup

Decrypts McAfee quarantine files
PowerShell
5
star
18

IIS_Log_Parser

IIS Logs
PowerShell
5
star
19

ConnectWise_Forensics

PowerShell
5
star
20

SkittleGrinder

Linux Log Collector
Shell
5
star
21

EventLog_Parsers

Series of scripts to parse the event log for analysis
PowerShell
4
star
22

Invoke-HAFNIUMCheck.ps1

Script used to identify compromise via CVEs 2021-26855, 26857, 26858, and 27065
PowerShell
4
star
23

UnderTheWire

PowerShell gaming server site
HTML
3
star
24

Briefs-and-Guides

2
star
25

Invoke-ProcessSuspend

Suspending Processes using PS
PowerShell
2
star
26

YarPoSh

Remoting Capability for Deploying YARA Across an Enterprise
PowerShell
2
star
27

WMI_Watcher

PowerShell
2
star
28

BareMonkey

Volatility plugin parser
Shell
2
star
29

Invoke-PrinterNightmareResponse

PowerShell
1
star
30

PoSh_git

A git-like environment in PowerShell
PowerShell
1
star
31

Invoke-HiveDreams

A capability to identify and remediate CVE-2021-36934 (HiveNightmare)
PowerShell
1
star
32

McAfee_ESM

Custom Dashboards
1
star
33

PoSh-Bitvise-Log-Parser

Parsing Bitvise logs with PowerShell
PowerShell
1
star
34

CVE-Checker

Collection of script to check for CVEs
Shell
1
star