davehull / Kansa

A PowerShell incident response framework
Apache License 2.0

Update and add new ASEP Modules #182

Closed DaveCrim closed 4 years ago

DaveCrim commented 6 years ago

Updated SVCAll module and analysis files. Added modules and analysis files for Scheduled Tasks, and a series of Registry and File locations relevant to Malware persistence mechanisms documented by MITRE's ATT&CK matrix.