PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
updated at Jan. 29, 2024, 5:35 p.m.
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
updated at May 11, 2024, 9:15 p.m.
$MFT directory tree reconstruction & FILE record info
updated at May 15, 2024, 9:58 p.m.
CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
updated at May 20, 2024, 1:19 p.m.
A repository of Sysmon configuration modules
updated at May 24, 2024, 5:46 p.m.
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
updated at May 25, 2024, 6:22 p.m.