Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to be run on a schedule from a monitoring engine such as Nagios; however, it may also be run from a command line (for incident response). For more information on the script and the logic behin…
This branch is even with oneoffdallas:master.
LICENSE
README.md
check_ioc.ps1

README.md

check_ioc

Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to be run on a schedule from a monitoring engine such as Nagios; however, it may also be run from a command line (for incident response), or even from another monitoring system. The script is heavily commented and very readable, with numerous usage examples in the script itself. For more information on the script and the logic behind it, check out https://www.linuxincluded.com/uncovering-indicators-of-compromise. Enjoy!
