The tool will show notifications when the system is being remoted into with tools such as Powershell Remoting(WinRM) or PSExec.
Switch branches/tags
Nothing to show
Clone or download
Pull request Compare This branch is 4 commits behind ForensicTools:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
DataCollection
Resources
Timeline
.gitattributes
.gitignore
LICENSE
OpenTimeline.ps1
README.md

README.md

RemoteNotify

Collect logs of when a system is being remoted into without user's knowledge. The current Logs that are being collected are:

  • Psexec
  • PSRemoting
  • All TCP connections for better forensics analysis

Created by Caleb Coffie