main/Active Response/Windows/README.md
taylor_socfortress fd67055c6d Update README.md
2022-09-20 10:12:52 -05:00

Windows Active Response Awesome

Folder containing Active Response scripts to be run on Windows endpoints. PowerShell 7 is required.

MIT License

Roadmap

  • Create local firewall rule to block outbound connections to a malicious IP
  • DNS sinkhole a malicious domain (route to localhost 127.0.0.1)
  • Disable local user account
  • Kill a malicious process
  • Feel free to bring ideas 😄

Need Help?

SOCFortress - LinkedIn - info@socfortress.co

Let SOCFortress Professional Services Take Your Open Source SIEM to the Next Level
