PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.
☆493 · Jul 29, 2017 · Updated 8 years ago
Alternatives and similar repositories for PSRecon
Users that are interested in PSRecon are comparing it to the libraries listed below
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al… ☆658 · Aug 19, 2019 · Updated 6 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis ☆1,428 · Nov 16, 2023 · Updated 2 years ago
- Exploit the credentials present in files and memory ☆843 · May 25, 2023 · Updated 2 years ago
- A PowerShell incident response framework ☆1,640 · Nov 22, 2022 · Updated 3 years ago
- This repo is for WMIOps, a PowerShell script which uses WMI for various purposes across a network. ☆388 · Jun 25, 2024 · Updated last year
- A PowerShell Module Dedicated to Reverse Engineering ☆893 · Aug 20, 2021 · Updated 4 years ago
- Currently not updated for WMIEvent module... ☆262 · Feb 23, 2016 · Updated 10 years ago
- Query and report user logons relations from MS Windows Security Events ☆243 · Aug 9, 2018 · Updated 7 years ago
- PowerShell Threat Hunting Module ☆290 · Sep 21, 2016 · Updated 9 years ago
- PowerShell Runspace Post Exploitation Toolkit ☆1,546 · Aug 2, 2019 · Updated 6 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported … ☆842 · Jun 25, 2024 · Updated last year
- A PowerShell based utility for the creation of malicious Office macro documents. ☆1,109 · Nov 3, 2017 · Updated 8 years ago
- Collection of PowerShell scripts ☆450 · Dec 18, 2017 · Updated 8 years ago
- ☆519 · Jan 26, 2021 · Updated 5 years ago
- PowerShell-based Windows Security Auditing Toolbox ☆573 · Jan 9, 2019 · Updated 7 years ago
- A script for advanced discovery of Privileged Accounts - includes Shadow Admins ☆825 · Sep 9, 2019 · Updated 6 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application. ☆633 · Jun 20, 2017 · Updated 8 years ago
- A post-exploitation PowerShell tool for extracting juicy info from memory. ☆1,864 · Jun 28, 2024 · Updated last year
- A PowerShell TCP/IP Swiss Army knife. ☆572 · May 1, 2017 · Updated 8 years ago
- PowerShell module to assist in attacking Exchange/Outlook Web Access ☆182 · Sep 22, 2016 · Updated 9 years ago
- Remote Recon and Collection ☆459 · Nov 23, 2017 · Updated 8 years ago
- Random Tools ☆850 · Oct 20, 2022 · Updated 3 years ago
- This PowerShell script will generate a malicious Microsoft Office document with a specified payload and persistence method. ☆686 · Oct 27, 2016 · Updated 9 years ago
- PowerShell Obfuscation Detection Framework ☆750 · Dec 1, 2023 · Updated 2 years ago
- Web interface for the Volatility Memory Forensics Framework ☆260 · Nov 21, 2017 · Updated 8 years ago
- Incident Response Forensic Framework ☆611 · Nov 20, 2019 · Updated 6 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments ☆1,213 · Sep 14, 2020 · Updated 5 years ago
- ☆164 · Aug 28, 2015 · Updated 10 years ago
- Automated, Collection, and Enrichment Platform ☆324 · Nov 14, 2019 · Updated 6 years ago
- PowerShell C2 Server and Implants ☆575 · Nov 11, 2019 · Updated 6 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host. ☆321 · Jun 5, 2017 · Updated 8 years ago
- Cheat sheets for various projects. ☆1,085 · Oct 16, 2017 · Updated 8 years ago
- PowerTools is a collection of PowerShell projects with a focus on offensive operations. ☆2,180 · Dec 28, 2021 · Updated 4 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. ☆937 · Dec 12, 2023 · Updated 2 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha… ☆501 · Aug 7, 2020 · Updated 5 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator ☆853 · Mar 23, 2018 · Updated 7 years ago
- My musings with PowerShell ☆2,703 · Nov 19, 2021 · Updated 4 years ago
- Connection-less PowerShell Persistent and Resilient Backdoor ☆232 · Sep 23, 2015 · Updated 10 years ago
- PowerShell Empire Web Interface ☆330 · May 20, 2023 · Updated 2 years ago