| Trawler | Win10 |
|---|---|
| 6 | 1 |
| 289 | 166 |
| - | - |
| 5.2 | 7.2 |
| about 1 month ago | 5 months ago |
| PowerShell | PowerShell |
| MIT License | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Trawler
- Non-SysAdmin Use Cases for PowerShell? Basically, any use cases NOT involving network, RDP, system config, IT/LAN admin type stuff?
I use it for DFIR work - example - https://github.com/joeavanzato/Trawler
- Sharing a tool I developed to help Blue Teamers discover Persistence on Windows - please check it out!
- User was hacked and sent out malware via their company email however unable to find out how?
Shameless self-promotion to help you hunt for persistence mechanisms on the endpoint itself if it's Windows - https://github.com/joeavanzato/Trawler
- Sharing a new tool I made for aiding my analysis of persistence mechanisms on Windows - Trawler
- Sharing a new tool I'm working on to help discover persistence mechanisms on Windows - similar to PersistenceSniper but with a wider coverage and built-in allow-list/regex scanning mechanisms.
Win10
- Finding the last device connected to the PC
I have found interesting stuff about this log on the Internet (1 and 2). Too bad they don't correspond to me.
What are some alternatives?
Live-Forensicator - Powershell Script to aid Incidence Response and Live Forensics | Bash Script for MacOS Live Forensics and Incidence Response
WinLoginAudit - Send realtime Windows Login Audit trail to Telegram messenger
MemProcFS-Analyzer - MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
WELA - WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
AzureHunter - A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
Queries - SQLite queries
Power-Response - Powering Up Incident Response with Power-Response
PSWriteHTML - PSWriteHTML is PowerShell Module to generate beautiful HTML reports, pages, emails without any knowledge of HTML, CSS or JavaScript. To get started basics PowerShell knowledge is required.
WindowsDFIR - Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or events.
PersistenceSniper - Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
public-apis - A collective list of free APIs