all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Trawler - PowerShell Script To Help Incident Responders Discover Adversary Persistence Mechanisms

Add to bookmarks
Aug. 15, 2023, 12:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com




Dredging Windows for Persistence


What is it?


Trawler is a PowerShell script designed to help Incident Responders discover potential indicators of compromise on Windows hosts, primarily focused on persistence mechanisms including Scheduled Tasks, Services, Registry Modifications, Startup Items, Binary Modifications and more.


Currently, trawler can detect most of the persistence techniques specifically called out by MITRE and Atomic Red Team with more detections being added on a regular basis.



Main Features



  • Scanning Windows OS for a variety of persistence techniques …

adversary binary blue team compromise detect dfir discover incident incident responders incident response indicators of compromise malware modifications persistence powershell powershell script registry script server management services startup techniques telemetry what is windows winlogon

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log … 11 hours ago | www.kitploit.com
attack detection lfi detection oste-web-log-analyzer rfi detection +1
ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities 1 day, 11 hours ago | www.kitploit.com
ntlm post-exploitation powershell python +7
Galah - An LLM-powered Web Honeypot Using The OpenAI API 2 days, 11 hours ago | www.kitploit.com
galah golang llm openai api +3
CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training 3 days, 11 hours ago | www.kitploit.com
amsi antivirus crimsonedr dll +5
Url-Status-Checker - Tool For Swiftly Checking The Status Of URLs 4 days, 7 hours ago | www.kitploit.com
bugbountyautomation bugbounty tools httpx infosys +2
CSAF - Cyber Security Awareness Framework 5 days, 11 hours ago | www.kitploit.com
csaf cybersecurity awareness linux socks5 +2
Espionage - A Linux Packet Sniffing Suite For Automated MiTM Attacks 6 days, 11 hours ago | www.kitploit.com
arp-spoofing cybersecurity networking packet capture +5
HackerInfo - Infromations Web Application Security 1 week ago | www.kitploit.com
hackerinfo python python3
C2-Tracker - Live Feed Of C2 Servers, Tools, And Botnets 1 week ago | www.kitploit.com
c2-tracker cybersecurity infosec osint +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs