PSRecon
Host scanner
Automates data collection and forensic analysis from remote Windows hosts using PowerShell
PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.
479 stars
54 watching
105 forks
Language: PowerShell
last commit: over 7 years ago
Linked from 2 awesome lists
Related projects:
Repository | Description | Stars |
---|---|---|
t0pcyber/hawk | A PowerShell-based tool designed to facilitate forensic analysis in O365 environments by gathering and organizing relevant data. | 708 |
securityjoes/forensicminer | Automates evidence collection and analysis from Windows machines using PowerShell. | 148 |
johnlatwc/pypowershellxray | Decodes and analyzes encoded PowerShell scripts to identify potential shellcode and reverse-engineered APIs. | 215 |
swisscom/powersponse | A PowerShell module for remotely managing and containing malware-infected hosts during incident response. | 38 |
infocyte/pshunt | A PowerShell threat hunting module designed to scan and survey remote endpoints for indicators of compromise or comprehensive system information. | 279 |
threatexpress/red-team-scripts | A collection of tools and scripts used by red teamers to gather information about compromised systems. | 1,114 |
kacos2000/win10 | A PowerShell script collection focused on Windows 10/11 forensic analysis and research tools. | 178 |
royhills/arp-scan | Tools for network discovery and host fingerprinting using the ARP protocol. | 977 |
adrecon/adrecon | Tools for gathering and reporting information about an Active Directory environment. | 703 |
crowdstrike/crt | A tool designed to help organizations discover and manage permissions in Microsoft 365 environments. | 706 |
hausec/powerzure | A framework to assess and exploit resources within the Azure cloud platform. | 1,106 |
pcgeek86/psgithub | A PowerShell module providing commands to query and manage GitHub through its REST API. | 187 |
assetnote/surf | A tool that identifies and filters potential Server-Side Request Forgery (SSRF) vulnerabilities in cloud environments by probing external hosts. | 533 |
411hall/jaws | A PowerShell script designed to gather information about Windows system vulnerabilities and potential attack vectors. | 1,693 |
nyxgeek/o365recon | Retrieves information from O365 and AzureAD using valid credentials. | 691 |