Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to be run on a schedule from a monitoring engine such as Nagios, however, it may also be run from a command-line (for incident response), or even from another monitoring system. The script is heavily commented and very readable with numerous usage examples in the script itself. For more information on the script and the logic behind it, check out https://www.linuxincluded.com/uncovering-indicators-of-compromise. Enjoy!
-
Notifications
You must be signed in to change notification settings - Fork 22
Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to be run on a schedule from a monitoring engine such as Nagios, however, it may also be run from a command-line (for incident response). For more information on the script and the logic behin…
License
oneoffdallas/check_ioc
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to be run on a schedule from a monitoring engine such as Nagios, however, it may also be run from a command-line (for incident response). For more information on the script and the logic behin…
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published