PowerGRR by swisscom

PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.

updated at Aug. 26, 2023, 6:23 p.m.

PowerShell

20 +0

56 +0

7 +0

GitHub
PowerSponse by swisscom

PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.

updated at Jan. 29, 2024, 5:35 p.m.

PowerShell

15 +0

36 +0

6 +0

GitHub
Invoke-LiveResponse by mgreen27

Invoke-LiveResponse

updated at April 16, 2024, 12:32 a.m.

PowerShell

13 +0

144 +0

29 +0

GitHub
WELA by Yamato-Security

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)

updated at May 11, 2024, 9:15 p.m.

PowerShell

17 +0

678 +0

74 +0

GitHub
MFT_Browser by kacos2000

$MFT directory tree reconstruction & FILE record info

updated at May 15, 2024, 9:58 p.m.

PowerShell

13 +0

280 +0

30 +0

GitHub
CimSweep by mattifestation

CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.

updated at May 20, 2024, 1:19 p.m.

PowerShell

75 +0

635 +1

151 +0

GitHub
sysmon-modular by olafhartong

A repository of sysmon configuration modules

updated at May 24, 2024, 5:46 p.m.

PowerShell

164 +0

2,504 +2

568 +0

GitHub
Meerkat by TonyPhipps

A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.

updated at May 25, 2024, 6:22 p.m.

PowerShell

31 +0

424 +1

84 +0

GitHub
flare-vm by mandiant

A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.

updated at May 26, 2024, 4:09 a.m.

PowerShell

200 +2

5,948 +32

873 +2

GitHub