Repo: https://github.com/GL1T0H/ThreatSentry
A PowerShell tool for threat hunters to collect and analyze system information, including architecture, IP, processes, security events, and more. Outputs are saved in JSON format, with basic info sent to Telegram.
Collects system details (architecture, IP, users, version, Network Connections, Processes, ScheduledTasks, DNSQueries, StartupPrograms, etc.).
Analyzes security events for specified Event IDs.
Sends basic report to Telegram with file paths.
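An illustration of the kind of Event ID collection described above, added here as an example and not taken from ThreatSentry's own code. The function name, parameters, output path and default Event IDs (4624 logon, 4625 failed logon, 4720 account created) are assumptions.

```powershell
# Added example, not ThreatSentry's code. Function name, parameters and the
# default Event IDs below are assumptions chosen for illustration.
function Get-SecurityEventSummary {
    [CmdletBinding()]
    param(
        [int[]]  $EventId    = @(4624, 4625, 4720),
        [int]    $HoursBack  = 24,
        [string] $OutputPath = (Join-Path $env:TEMP 'security-events.json')
    )

    # Reading the Security log requires an elevated session.
    $principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Run this from an elevated PowerShell session.'
    }

    $filter = @{
        LogName   = 'Security'
        Id        = $EventId
        StartTime = (Get-Date).AddHours(-$HoursBack)
    }

    # Get-WinEvent errors when nothing matches; only that case becomes an empty result.
    try {
        $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction Stop)
    } catch {
        if ($_.FullyQualifiedErrorId -notlike 'NoMatchingEventsFound*') { throw }
        $events = @()
    }

    # One summary row per Event ID: count plus first and last occurrence.
    $summary = @(foreach ($group in ($events | Group-Object -Property Id)) {
        $sorted = @($group.Group | Sort-Object TimeCreated)
        [pscustomobject]@{
            EventId   = [int]$group.Name
            Count     = $group.Count
            FirstSeen = $sorted[0].TimeCreated.ToString('o')
            LastSeen  = $sorted[-1].TimeCreated.ToString('o')
        }
    })

    [pscustomobject]@{
        Computer    = $env:COMPUTERNAME
        CollectedAt = (Get-Date).ToString('o')
        HoursBack   = $HoursBack
        Events      = $summary
    } | ConvertTo-Json -Depth 4 | Set-Content -Path $OutputPath -Encoding UTF8
    return $OutputPath
}

Get-SecurityEventSummary -EventId 4624, 4625 -HoursBack 12
```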
Windows OS
PowerShell 5.1 or higher
Administrator privileges
Telegram Bot Token and Chat ID
Clone the repository:
    git clone https://github.com/GL1T0H/ThreatSentry.git
Run the script as an administrator:
    .\ThreatSentry.ps1 -Telegram $true
Last updated 8 months ago