Top 6 PowerShell incident-response Projects
- PersistenceSniper
  Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
- AzureHunter
  A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
- MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
- Trawler
  PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.
  Project mention: Non-SysAdmin Use Cases for PowerShell? Basically, any use cases NOT involving network, RDP, system config, IT/LAN admin type stuff? | /r/PowerShell | 2023-05-10
  I use it for DFIR work - example - https://github.com/joeavanzato/Trawler
PowerShell incident-response related posts
- PersistenceSniper v1.13.0 and in-depth Wiki by @last0x00
- Sharing a tool I developed to help Blue Teamers discover Persistence on Windows - please check it out!
- User was hacked and sent out malware via their company email however unable to find out how?
- Sharing a new tool I made for aiding my analysis of persistence mechanisms on Windows - Trawler
- GitHub - Automated Creation of Windows Memory Snapshots for DFIR
- PersistenceSniper: a Powershell script to hunt for persistence techniques used on Windows machines
Index
What are some of the best open-source incident-response projects in PowerShell? This list will help you:
# | Project | Stars |
---|---|---|
1 | PersistenceSniper | 1,774 |
2 | AzureHunter | 755 |
3 | MemProcFS-Analyzer | 396 |
4 | Trawler | 285 |
5 | Collect-MemoryDump | 209 |
6 | Power-Response | 61 |