PSRecon
Host scanner
Automates data collection and forensic analysis from remote Windows hosts using PowerShell
PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.
479 stars
54 watching
105 forks
Language: PowerShell
last commit: over 7 years ago
Linked from 2 awesome lists
Related projects:
Repository | Description | Stars |
---|---|---|
t0pcyber/hawk | A PowerShell-based tool to gather information on O365 intrusions and potential breaches. | 722 |
securityjoes/forensicminer | Automates evidence collection and analysis from Windows machines using PowerShell. | 149 |
johnlatwc/pypowershellxray | Decodes and analyzes encoded PowerShell scripts to identify potential shellcode and reverse-engineered APIs. | 215 |
swisscom/powersponse | A PowerShell module for remotely managing and containing malware-infected hosts during incident response. | 38 |
infocyte/pshunt | A PowerShell threat hunting module designed to scan and survey remote endpoints for indicators of compromise or comprehensive system information. | 280 |
threatexpress/red-team-scripts | A collection of tools and scripts used by red teamers to gather information about compromised systems. | 1,113 |
kacos2000/win10 | A PowerShell script collection focused on Windows 10/11 forensic analysis and research tools. | 179 |
royhills/arp-scan | Tools for network discovery and host fingerprinting using the ARP protocol. | 991 |
adrecon/adrecon | Tools for gathering and reporting information about an Active Directory environment. | 717 |
crowdstrike/crt | A tool to query Azure AD and Exchange Online configuration settings for security audits. | 711 |
hausec/powerzure | A framework to assess and exploit resources within the Azure cloud platform. | 1,119 |
pcgeek86/psgithub | A PowerShell module providing commands to query and manage GitHub through its REST API. | 187 |
assetnote/surf | A tool that identifies and filters potential Server-Side Request Forgery (SSRF) vulnerabilities in cloud environments by probing external hosts. | 599 |
411hall/jaws | A PowerShell script designed to gather information about Windows system vulnerabilities and potential attack vectors. | 1,717 |
nyxgeek/o365recon | Retrieves information from O365 and AzureAD using valid credentials. | 695 |