Alternatives and similar repositories for PSRecon:

Users that are interested in PSRecon are comparing it to the libraries listed below

• mattifestation / CimSweep
  CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…
  ☆650Updated 5 years ago
• A-mIn3 / WINspect
  Powershell-based Windows Security Auditing Toolbox
  ☆576Updated 6 years ago
• danielbohannon / Revoke-Obfuscation
  PowerShell Obfuscation Detection Framework
  ☆729Updated last year
• Invoke-IR / Uproot
  Currently not updated for WMIEvent module...
  ☆262Updated 8 years ago
• darkoperator / Posh-SecMod
  PowerShell Module with Security cmdlets for security work
  ☆439Updated 4 years ago
• WiredPulse / PoSh-R2
  PowerShell - Rapid Response... For the incident responder in you!
  ☆297Updated 5 years ago
• Invoke-IR / PowerForensics
  PowerForensics provides an all in one platform for live disk forensic analysis
  ☆1,393Updated last year
• Cyb3rWard0g / Invoke-ATTACKAPI
  A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
  ☆367Updated 6 years ago
• TonyPhipps / Meerkat
  A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
  ☆443Updated 3 months ago
• GoFetchAD / GoFetch
  GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
  ☆631Updated 7 years ago
• Infocyte / PSHunt
  Powershell Threat Hunting Module
  ☆282Updated 8 years ago
• l0ss / Grouper
  A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)
  ☆740Updated 6 years ago
• Invoke-IR / ACE
  Automated, Collection, and Enrichment Platform
  ☆324Updated 5 years ago
• mattifestation / PowerShellArsenal
  A PowerShell Module Dedicated to Reverse Engineering
  ☆868Updated 3 years ago
• PyroTek3 / PowerShell-AD-Recon
  PowerShell Scripts I find useful
  ☆747Updated 8 years ago
• Ben0xA / nps
  Not PowerShell
  ☆446Updated 8 years ago
• mandiant / flare-wmi
  ☆422Updated last year
• RedSiege / WMIOps
  This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.
  ☆381Updated 7 months ago
• mandiant / ShimCacheParser
  ☆275Updated last year
• RedSiege / WMImplant
  This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …
  ☆811Updated 7 months ago
• nettitude / PoshC2_Old
  Powershell C2 Server and Implants
  ☆574Updated 5 years ago
• diogo-fernan / ir-rescue
  A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
  ☆476Updated 4 years ago
• davehull / Kansa
  A Powershell incident response framework
  ☆1,584Updated 2 years ago
• ion-storm / sysmon-config
  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …
  ☆792Updated last year
• SekoiaLab / Fastir_Collector
  ☆507Updated 4 years ago
• cyberark / ACLight
  A script for advanced discovery of Privileged Accounts - includes Shadow Admins
  ☆800Updated 5 years ago
• MHaggis / sysmon-dfir
  Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
  ☆910Updated last year
• ANSSI-FR / AD-control-paths
  Active Directory Control Paths auditing and graphing tools
  ☆661Updated 4 years ago
• giMini / PowerMemory
  Exploit the credentials present in files and memory
  ☆838Updated last year
• secabstraction / PowerCat
  A PowerShell TCP/IP swiss army knife.
  ☆562Updated 7 years ago