• Stars
    star
    5
  • Rank 2,861,937 (Top 57 %)
  • Language
    Shell
  • Created over 8 years ago
  • Updated almost 8 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Linux Log Collector

More Repositories

1

PoSh-R2

PowerShell - Rapid Response... For the incident responder in you!
PowerShell
290
star
2

PowerShell

A series of scripts
PowerShell
93
star
3

Invoke-HiveNightmare

PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10 version 1809 or newer
PowerShell
35
star
4

AutomatedProfiler

Automated forensics written in PowerShell
Perl
32
star
5

Group_Policy

A series of GPO templates
18
star
6

BlueSpectrum

An IOC framework written in PowerShell
PowerShell
16
star
7

Anydesk_Forensics

PowerShell
12
star
8

Invoke-SRUMDump

A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.
PowerShell
12
star
9

Invoke-Fail2Ban

PowerShell version of Fail2Ban
PowerShell
11
star
10

TeamViewer_Forensics

A series of functions to parse Teamviewer logs to answer specific questions
PowerShell
9
star
11

EIF_Parser

Evil Inject Finder Remote Capability and Parser
PowerShell
9
star
12

McAfee_ePO

Custom Queries, Dashboards, and HIPs Rules
9
star
13

PoSh-R2_GUI

GUI version of PoSh-R2
PowerShell
9
star
14

Hunters_Hub

Custom Splunk App
CSS
7
star
15

Invoke-AZExplorer

Microsoft Azure Survey
PowerShell
7
star
16

Invoke-GhostLog

Removal of certain event logs within a Windows OS
PowerShell
7
star
17

Invoke-Unbup

Decrypts McAfee quarantine files
PowerShell
5
star
18

IIS_Log_Parser

IIS Logs
PowerShell
5
star
19

ConnectWise_Forensics

PowerShell
5
star
20

EventLog_Parsers

Series of scripts to parse the event log for analysis
PowerShell
4
star
21

Invoke-HAFNIUMCheck.ps1

Script used to identify compromise via CVEs 2021-26855, 26857, 26858, and 27065
PowerShell
4
star
22

UnderTheWire

PowerShell gaming server site
HTML
3
star
23

Briefs-and-Guides

2
star
24

Invoke-ProcessSuspend

Suspending Processes using PS
PowerShell
2
star
25

YarPoSh

Remoting Capability for Deploying YARA Across an Enterprise
PowerShell
2
star
26

WMI_Watcher

PowerShell
2
star
27

BareMonkey

Volatility plugin parser
Shell
2
star
28

Invoke-PrinterNightmareResponse

PowerShell
1
star
29

PoSh_git

A git-like environment in PowerShell
PowerShell
1
star
30

Invoke-HiveDreams

A capability to identify and remediate CVE-2021-36934 (HiveNightmare)
PowerShell
1
star
31

McAfee_ESM

Custom Dashboards
1
star
32

PoSh-Bitvise-Log-Parser

Parsing Bitvise logs with PowerShell
PowerShell
1
star
33

CVE-Checker

Collection of script to check for CVEs
Shell
1
star
34

Invoke-HashFinder

Searches for a supplied list of SHA1 or SHA256 hashes on a system. Requires either a file size or creation date that is associated with the binary that the hashes were retrieved from.
PowerShell
1
star