hardwaterhacker / scandiff
Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff performs an nmap ndiff on the output against previous results, 7zips all generated output, and optionally emails all output to a specified email address.
☆17 · Updated 10 years ago
Alternatives and similar repositories for scandiff:
Users that are interested in scandiff are comparing it to the libraries listed below
- Maps process creation logged by Sysmon using the Google Org Chart API ☆24 · Updated 9 years ago
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. ☆22 · Updated 7 years ago
- Queries to parse Sysmon event log files with Microsoft Log Parser ☆56 · Updated 10 years ago
- ☆32 · Updated 5 months ago
- Incident response scripts ☆19 · Updated 6 years ago
- This script runs several security checks and makes modifications (with your permission) to your Active Directory domain to improve its s… ☆45 · Updated 9 years ago
- Sysmon configuration ☆65 · Updated 6 years ago
- Windows PowerShell domain scanning tool ☆54 · Updated 9 years ago
- A PowerShell module to abstract the complexities of Permanent WMI Event Subscriptions ☆55 · Updated 9 years ago
- PowerShell collection designed to assist in Threat Hunting Windows systems. ☆27 · Updated 7 years ago
- PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM. ☆50 · Updated 7 years ago
- Tools for parsing forensic images ☆41 · Updated 6 years ago
- PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later ☆20 · Updated 9 years ago
- Splunk App to assist Sysmon Threat Hunting ☆38 · Updated 8 years ago
- ☆23 · Updated 9 years ago
- ☆36 · Updated 8 years ago
- OSSEC Decoder & Rulesets for Sysmon Events ☆15 · Updated 9 years ago
- A simple utility to check the status of and/or disable SMBv1 on Windows systems via Cb Response's Live Response functionality. ☆15 · Updated 5 years ago
- Fast incident overview ☆39 · Updated 8 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations. ☆38 · Updated 7 years ago
- A PowerShell script that prints a lot of IP and connection info to the screen ☆31 · Updated 8 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl… ☆54 · Updated 7 years ago
- Sysmon configuration file template with default high-quality event tracing ☆17 · Updated 3 years ago
- ☆30 · Updated 8 years ago
- Presentation Slides ☆27 · Updated 5 years ago
- Executes PowerShell from an unmanaged process ☆29 · Updated 10 years ago
- Automated forensics written in PowerShell ☆34 · Updated 5 years ago
- Splunk app for Threat hunting ☆15 · Updated 6 years ago
- Windows PowerShell module to help in the auditing of Active Directory environments. ☆49 · Updated 8 years ago
- irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste… ☆14 · Updated 10 years ago