CsaProtocol / PowerShell-FIM
A proof-of-concept file integrity monitor in PowerShell that sends a message via Telegram when it detects changes to a specified directory. It continually checks for changes by generating hashes for all files and comparing them to a stored baseline. It uses the Telegram API and allows a choice of hash algorithm.
☆11 Updated last year
Related projects
Alternatives and complementary repositories for PowerShell-FIM
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea… ☆18 Updated 3 years ago
- Tool for obtaining information about PPL processes ☆17 Updated 9 months ago
- Tricard - Malware Sandbox Fingerprinting ☆19 Updated 11 months ago
- CLI Search for Security Operators of MITRE ATT&CK URLs ☆16 Updated last year
- A Python script to find tenant ID and region from a list of domain names. ☆12 Updated last year
- Extension functionality for the NightHawk operator client ☆26 Updated last year
- A collection of tools using OCR to extract potential usernames from RDP screenshots. ☆28 Updated 7 months ago
- Extracts Azure authentication tokens from PowerShell process minidumps. ☆23 Updated last year
- Searching .evtx logs for remote connections ☆23 Updated last year
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆20 Updated last year
- Track past changes in your AD accounts (users, computers & groups), even if no event logs exist - e.g. not collected, no retention/overwr… ☆15 Updated last week
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual ☆13 Updated 2 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance. ☆21 Updated 4 months ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem ☆19 Updated last year
- CIS Benchmark testing of Windows SIEM configuration ☆43 Updated last year
- Takes the original idea of NetCease and adds functionality ☆24 Updated 2 years ago
- Leverages B64 chunks to split files and save to clipboard ☆24 Updated 5 months ago
- This is a simple Python script that connects to a MISP instance and retrieves attributes of specific types (such as IP addresses, URLs, a… ☆16 Updated last year
- A simple to use single-include Windows API resolver ☆17 Updated 4 months ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test. ☆19 Updated 2 years ago
- The Catherine Framework is a general-purpose cybersecurity framework built to provide extended support for defense operations. ☆16 Updated 7 months ago