hardwaterhacker / scandiff
Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff performs an nmap ndiff on the output against previous results, 7zips all generated output, and optionally emails all output to a specified email address.
☆17 Updated 10 years ago
Alternatives and similar repositories for scandiff:
Users that are interested in scandiff are comparing it to the libraries listed below
- Maps process creation logged by Sysmon using Google Org Chart API ☆24 Updated 9 years ago
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. ☆22 Updated 7 years ago
- incident response scripts ☆19 Updated 6 years ago
- OSSEC Decoder & Rulesets for Sysmon Events ☆15 Updated 9 years ago
- Tools for parsing Forensic images ☆41 Updated 6 years ago
- ☆31 Updated 4 months ago
- Queries to parse sysmon event log file with microsoft logparser ☆56 Updated 9 years ago
- A PowerShell module to abstract the complexities of Permanent WMI Event Subscriptions ☆55 Updated 9 years ago
- Sysmon configuration ☆66 Updated 6 years ago
- Windows PowerShell domain scanning tool ☆54 Updated 8 years ago
- Sysmon configuration file template with default high-quality event tracing ☆17 Updated 3 years ago
- This script runs several security checks and makes modifications (with your permission) to your Active Directory domain to improve its s… ☆45 Updated 9 years ago
- PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM. ☆50 Updated 7 years ago
- Splunk app for Threat hunting ☆15 Updated 6 years ago
- ☆36 Updated 8 years ago
- Splunk App to assist Sysmon Threat Hunting ☆38 Updated 8 years ago
- Powershell collection designed to assist in Threat Hunting Windows systems. ☆27 Updated 6 years ago
- ☆30 Updated 8 years ago
- Comprehensive Pivoting Framework ☆20 Updated 8 years ago
- Technical add-on to ingest json formatted volatility memory analysis plugin outputs ☆13 Updated 6 years ago
- Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was … ☆77 Updated 7 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion ☆31 Updated last year
- Presentation Slides ☆27 Updated 5 years ago
- Konrads' Pen-Ultimate (Windows) Log File Parser ☆13 Updated 2 years ago
- Tool to parse SRU database ☆24 Updated 7 years ago
- ☆23 Updated 9 years ago
- ☆39 Updated 5 years ago
- Speeds up the extraction of password hashes from ntds.dit files. For use with the ntdsxtract project or the dshash script ☆27 Updated last year
- RegRipper wrapper for simplified bulk parsing of registry hives ☆9 Updated 6 years ago
- Fast incident overview ☆39 Updated 8 years ago