issues
search
last-byte
/
PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
Other
1.83k
stars
180
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Installation help
#26
daniele777
closed
2 months ago
3
Unable to detect ghosttasks
#25
j-wsy
closed
4 days ago
12
Username containing whitespaces causes suborner attack false-positive
#24
strassi
closed
3 months ago
1
RunAndRunOnce Method does not detect powershell.exe entries
#23
strassi
closed
4 months ago
3
NEW FEATURE: ETW Interfacing
#22
ablescia
opened
6 months ago
0
Parse-NetUser function is not locale-agnostic
#20
eirnym
closed
8 months ago
4
Case sensitive comparisons
#19
indented-automation
closed
9 months ago
2
Support to ETW Interfacing
#18
ablescia
closed
1 year ago
1
Implementing new output features
#17
ablescia
opened
1 year ago
2
Powershell console history
#16
yellow-starburst
opened
1 year ago
2
[INFO] Creation of PKGBUILD for BlackArch Windows category
#15
D3vil0p3r
closed
1 year ago
1
Updated to v1.9.2 [skip ci]
#14
last-byte
closed
1 year ago
0
Bug fixes.
#13
suinswofi
closed
1 year ago
1
Forensic
#12
rocket-ops
opened
1 year ago
1
Upgraded to v1.9.0
#11
last-byte
closed
1 year ago
0
[Feature Request] Hunting persistence in OS Disk images.
#10
geekypanda411
closed
1 year ago
1
Persistence detection via screensaver
#9
d3f0x0
closed
1 year ago
1
BITS job detection added
#8
fkadibs
closed
1 year ago
1
Working offline
#7
lclevy
closed
1 year ago
1
Dependency
#6
sreejith111988
closed
1 year ago
1
Power Automate detection added
#5
cecio
closed
1 year ago
1
Authenticode signature
#4
last-byte
closed
1 year ago
0
Digital Signature
#3
TyMac
closed
1 year ago
4
Added WMI Event Subscriptions (T1546.003)
#2
cecio
closed
1 year ago
1
Create LICENSE
#1
last-byte
closed
1 year ago
0