CsaProtocol / PowerShell-FIM
File integrity monitor proof-of-concept in PowerShell sends a message via Telegram when it detects changes to a specified directory. It continually checks for changes by generating hashes for all files and comparing them to a stored baseline. Uses Telegram API and allows choice of hash algorithm.
☆11Updated 2 years ago
Alternatives and similar repositories for PowerShell-FIM
Users that are interested in PowerShell-FIM are comparing it to the libraries listed below
Sorting:
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 3 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆16Updated 2 years ago
- ☆18Updated last year
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆16Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- A Multi-Threaded PE Export Collection Utility☆14Updated 2 years ago
- Parser for Windows PowerShell script block logs☆13Updated 4 months ago
- Tool for obtaining information about PPL processes☆17Updated last year
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Updated 3 years ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Updated last year
- Speaking materials from conferences I've given☆9Updated 2 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Updated 2 years ago
- CIS Benchmark testing of Windows SIEM configuration☆44Updated last year
- Searching .evtx logs for remote connections☆23Updated last year
- Cmdlets for capturing Windows Events☆14Updated 3 years ago
- ☆27Updated 2 years ago
- Python Script for SAML2 Authentication Passwordspray☆39Updated last year
- ☆14Updated 2 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- Random scripts for azure stuff☆11Updated 2 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 10 months ago
- Analyze Windows Systems for common and unique vulnerabilities☆9Updated 2 years ago
- ☆11Updated 3 weeks ago
- ☆15Updated 2 years ago
- Exploit POC for CVE-2024-22026 affecting Ivanti EPMM "MobileIron Core"☆13Updated last year
- ☆12Updated 2 years ago
- Yet, Another Packer/Loader☆25Updated 2 years ago