PSRecon

Host scanner

Automates data collection and forensic analysis from remote Windows hosts using PowerShell

rocket PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.

GitHub

479 stars
54 watching
105 forks
Language: PowerShell
last commit: over 7 years ago
Linked from 2 awesome lists


Backlinks from these awesome lists:

Related projects:

Repository Description Stars
t0pcyber/hawk A PowerShell-based tool designed to facilitate forensic analysis in O365 environments by gathering and organizing relevant data. 708
securityjoes/forensicminer Automates evidence collection and analysis from Windows machines using PowerShell. 148
johnlatwc/pypowershellxray Decodes and analyzes encoded PowerShell scripts to identify potential shellcode and reverse-engineered APIs. 215
swisscom/powersponse A PowerShell module for remotely managing and containing malware-infected hosts during incident response. 38
infocyte/pshunt A Powershell Threat Hunting Module designed to scan and survey remote endpoints for indicators of compromise or comprehensive system information. 279
threatexpress/red-team-scripts A collection of tools and scripts used by red teamers to gather information about compromised systems. 1,114
kacos2000/win10 A PowerShell script collection focused on Windows 10/11 forensic analysis and research tools. 178
royhills/arp-scan Tools for network discovery and host fingerprinting using ARP protocol 977
adrecon/adrecon Tools for gathering and reporting information about an Active Directory environment 705
crowdstrike/crt A tool designed to help organizations discover and manage permissions in Microsoft 365 environments 706
hausec/powerzure A framework to assess and exploit resources within Azure cloud platform 1,106
pcgeek86/psgithub A PowerShell module providing commands to query and manage GitHub through its REST API. 187
assetnote/surf A tool that identifies and filters potential Server-Side Request Forgery (SSRF) vulnerabilities in cloud environments by probing external hosts. 533
411hall/jaws A PowerShell script designed to gather information about Windows system vulnerabilities and potential attack vectors 1,701
nyxgeek/o365recon Retrieves information from O365 and AzureAD using valid credentials. 691