search

last-byte / PersistenceSniper

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
Other
1.83k stars 180 forks source link

Forensic #12

Open rocket-ops opened 1 year ago

rocket-ops commented 1 year ago

Any chance this could be made to point towards a mounted image? Great project!!

last-byte commented 1 year ago

Hi, I've already closed two issues with a request for this feature, so technically the answer to this should be "no". However, since many people already asked, we've included the possibility of running PersistenceSniper on images as a bullet in our to-do list, so stay tuned!