Pinned Repositories
AChoir
Windows Live Artifacts Acquisition Script
ADTimeline
PowerShell script creating a timeline of Active Directory changes with replication metadata
ARTHIR
ATT&CK Remote Threat Hunting Incident Response
forensics
Windows digital forensics and incident response scripts
free-programming-books
Get-Baseline
PowerShell Script for Agentless Incident Response
ir_scripts
incident response scripts
live-hostforensics
Basic PowerShell script for live host forensics artifact collection
Meerkat
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
PoSh-R2
PowerShell - Rapid Response... For the incident responder in you!
waydaws's Repositories
waydaws/AChoir
Windows Live Artifacts Acquisition Script
waydaws/ADTimeline
PowerShell script creating a timeline of Active Directory changes with replication metadata
waydaws/ARTHIR
ATT&CK Remote Threat Hunting Incident Response
waydaws/forensics
Windows digital forensics and incident response scripts
waydaws/free-programming-books
waydaws/Get-Baseline
PowerShell Script for Agentless Incident Response
waydaws/ir_scripts
incident response scripts
waydaws/live-hostforensics
Basic PowerShell script for live host forensics artifact collection
waydaws/Meerkat
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
waydaws/PoSh-R2
PowerShell - Rapid Response... For the incident responder in you!
waydaws/PowerShell
A series of scripts
waydaws/ProjectTest
waydaws/SessionGopher
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
waydaws/ThreatHunting
PowerShell collection designed to assist in Threat Hunting Windows systems.
waydaws/WinFor
PowerShell script to execute different forensic PowerShell functions / tools on a compromised host