PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
updated at Jan. 29, 2024, 5:35 p.m.
CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
updated at April 28, 2024, 12:09 a.m.
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
updated at May 7, 2024, 8:04 p.m.
$MFT directory tree reconstruction & FILE record info
updated at May 9, 2024, 5:54 a.m.
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
updated at May 11, 2024, 9:15 p.m.
A repository of sysmon configuration modules
updated at May 11, 2024, 11:13 p.m.