CimSweep
CIM toolkit
A suite of tools enabling remote incident response and hunting on Windows systems using CIM/WMI-based cmdlets.
CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
649 stars
75 watching
148 forks
Language: PowerShell
last commit: over 5 years ago
Linked from 3 awesome lists
meirwah/awesome-incident-response
fabacab/awesome-cybersecurity-blueteam
0x4d31/awesome-threat-detectionRelated projects:
| Repository | Description | Stars |
|---|---|---|
 ghostpack/sharpwmi | A C# implementation of WMI functionality for remote system management and automation tasks. | 753 |
 redsiege/wmimplant | A PowerShell-based tool leveraging WMI to execute remote actions and serve as a command and control channel | 806 |
 thestackshack/cim | A tool that simplifies the management of infrastructure and cloud resources by abstracting away some of the complexity of CloudFormation and AWS | 51 |
 mdowst/lemmy-powershell | A PowerShell module for interacting with the Lemmy federated social media platform | 2 |
| mattifestation/powershellarsenal | A PowerShell module used to aid in reverse engineering and analysis of various file formats and memory structures. | 859 |
 mscrmtools/xrmtoolbox | An application that provides tools and plugins to simplify customization and configuration tasks for Microsoft Dynamics CRM/365/Dataverse/PowerApps using the Common Data Service for Apps (CDS). | 574 |
 fox-it/dissect.cim | A Dissect module implementing a parser for the Windows Common Information Model (CIM) database | 5 |
 wintermi/zsh-mise | Provides a polyglot tool version manager for multiple programming languages | 9 |
 jstedfast/mimekit | A C# library for creating and parsing MIME messages with support for various email standards. | 1,836 |
 microsoft/msticpy | A Python library providing tools and utilities for data analysis and visualization in security investigations. | 1,772 |
 mez-0/csharpwinrm | An implementation of a .NET 4.0 WinRM API for executing commands on remote hosts using the WMI Win32_Process method. | 161 |
 damonmohammadbagher/etwprocessmon2 | A tool for monitoring and detecting malicious activity via ETW events | 292 |
 mosesrenegade/cyber-threat-response-clinic | Provides tools and techniques to help organizations respond to cyber threats | 4 |
 danielchronlund/dctoolbox | A PowerShell toolbox for Microsoft 365 security tasks and management. | 316 |
 codic12/worm | A dynamic window manager written in Nim, supporting tag-based tiling and floating mode. | 713 |