issues
search
georgeneokq
/
artifact-exterminator
Simple, flexible command-line tool for conducting anti-forensics (for research purposes only)
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
refactor: Delete multiple prefetch files
#52
georgeneokq
closed
1 year ago
0
feat: Add self to list of executables to clean up
#51
georgeneokq
closed
1 year ago
0
feat: Add delay argument
#50
georgeneokq
closed
1 year ago
0
Remove amcache
#49
georgeneokq
closed
1 year ago
0
bug: Program will not parse file paths containing commas properly
#48
georgeneokq
opened
1 year ago
0
Update docs
#47
georgeneokq
closed
1 year ago
0
docs: Update hyperlink
#46
georgeneokq
closed
1 year ago
0
chore: Move dangerous binaries into password-protected zip
#45
georgeneokq
closed
1 year ago
0
Add more examples in user guide
#44
georgeneokq
closed
1 year ago
0
Fix prefetch feature
#43
georgeneokq
closed
1 year ago
0
enhancement: Exit program if no admin rights given
#42
georgeneokq
opened
1 year ago
0
Provide option to force reboot the device after cleanup
#41
georgeneokq
opened
1 year ago
0
chore: Add sample malware
#40
georgeneokq
closed
1 year ago
0
feat: Delete registry backup files
#39
georgeneokq
closed
1 year ago
0
Create sample "malware" for demonstration
#38
georgeneokq
closed
1 year ago
0
feat: Remove prefetch files of executables
#37
georgeneokq
closed
1 year ago
0
Calls to wcstok modifies original string
#36
georgeneokq
opened
1 year ago
0
Select features via command line argument
#35
georgeneokq
closed
1 year ago
0
Add in prefetch deletion functionality
#34
Samsterr
closed
1 year ago
0
Add a command line argument to specify which modules to run
#33
georgeneokq
closed
1 year ago
0
enhancement: Erase ShimCache entries of itself
#32
georgeneokq
opened
1 year ago
0
refactor: Clear ControlSet001 and ControlSet002
#31
georgeneokq
closed
1 year ago
0
feat: Warn if not admin, and if killswitch arguments are incomplete
#30
georgeneokq
closed
1 year ago
0
Feat: Erase ShimCache entries in ControlSet001
#29
georgeneokq
closed
1 year ago
0
feat: Delete specified registry keys/values
#28
georgeneokq
closed
1 year ago
0
Alter scheduled task metadata
#27
georgeneokq
opened
1 year ago
0
Refactor: Polling for kill switch to be persistent after reboot
#26
georgeneokq
opened
1 year ago
0
docs: Enhance documentation
#25
georgeneokq
closed
1 year ago
0
Prevent event viewer from logging
#24
georgeneokq
opened
1 year ago
2
Delete registry values and keys specified in command line arguments
#23
georgeneokq
closed
1 year ago
0
Print warning message when either kill switch IP or port is specified, but its counterpart isn't
#22
georgeneokq
closed
1 year ago
1
fix: validate killswitch parameters before applying killswitch functi…
#21
georgeneokq
closed
1 year ago
0
feat: Python kill switch socket script
#20
georgeneokq
closed
1 year ago
0
Poll for kill switch
#19
georgeneokq
closed
1 year ago
0
feat: Spawn process for specified executable
#18
georgeneokq
closed
1 year ago
0
Feat schedule task
#17
georgeneokq
closed
1 year ago
0
Specify HTTP endpoint as kill switch to perform cleanup
#16
georgeneokq
closed
1 year ago
2
Clean up registry backup files after registry restoration is completed
#15
georgeneokq
closed
1 year ago
0
For discussion: Shimcache removal requires administrator rights
#14
georgeneokq
closed
1 year ago
1
refactor: Clean up unused functions
#13
georgeneokq
closed
1 year ago
0
feat: Parse command line arguments
#12
georgeneokq
closed
1 year ago
0
Create video demonstration on how the program works
#11
georgeneokq
opened
1 year ago
0
Update README to have a detailed setup and usage guide
#10
georgeneokq
closed
1 year ago
1
Run the executable specified in command line arguments
#9
georgeneokq
closed
1 year ago
0
style: Remove some comments and fix indentation
#8
georgeneokq
closed
1 year ago
0
ShimCache: Schedule task to clear Shimcache after computer restart
#7
georgeneokq
closed
1 year ago
1
Flexible command line arguments
#6
georgeneokq
closed
1 year ago
0
feat: Create function to remove shimcache entries
#5
georgeneokq
closed
1 year ago
0
Shimcache
#4
georgeneokq
closed
1 year ago
0
refactor: changes tabs to spaces
#3
georgeneokq
closed
1 year ago
0
Next