ThreatSentry
Repo: https://github.com/GL1T0H/ThreatSentry
A PowerShell tool for threat hunters that collects and analyzes system information, including architecture, IP, processes, security events, and more. Outputs are saved in JSON format, and basic information is sent to Telegram.

Features
Collects system details (architecture, IP, users, version, Network Connections, Processes, ScheduledTasks, DNSQueries, StartupPrograms, etc.).
Analyzes security events for specified Event IDs.
Sends a basic report to Telegram with file paths.
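The Event ID analysis listed above could be done along the following lines. This is an added example, not code from the ThreatSentry repository; the function name, default Event IDs, time window and output path are all assumptions.

```powershell
#Requires -Version 5.1
# Added example (not ThreatSentry's own code): summarise Security-log events
# for a chosen set of Event IDs and save the result as JSON.
function Get-SecurityEventSummary {
    [CmdletBinding()]
    param(
        # Assumed defaults: 4624 logon, 4625 failed logon, 4720 account created.
        [int[]]$EventId = @(4624, 4625, 4720),
        [int]$Hours = 24,
        [string]$OutFile = (Join-Path $env:TEMP 'security-events.json')
    )

    $filter = @{
        LogName   = 'Security'
        Id        = $EventId
        StartTime = (Get-Date).AddHours(-$Hours)
    }

    # Get-WinEvent raises an error when nothing matches. Treat only that case
    # as "no events" so access-denied (not elevated) still surfaces.
    try {
        $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction Stop)
    } catch {
        if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') { $events = @() }
        else { throw }
    }

    # One row per Event ID: count plus first and last occurrence in the window.
    $summary = @(foreach ($group in ($events | Group-Object -Property Id)) {
        $sorted = @($group.Group | Sort-Object TimeCreated)
        [pscustomobject]@{
            EventId   = [int]$group.Name
            Count     = $group.Count
            FirstSeen = $sorted[0].TimeCreated.ToString('o')
            LastSeen  = $sorted[-1].TimeCreated.ToString('o')
        }
    })

    $report = [pscustomobject]@{
        Computer     = $env:COMPUTERNAME
        WindowHours  = $Hours
        RequestedIds = $EventId
        Summary      = $summary
    }
    $report | ConvertTo-Json -Depth 4 | Set-Content -Path $OutFile -Encoding UTF8
    return $report
}

# Run from an elevated session; reading the Security log requires it.
(Get-SecurityEventSummary -Hours 24).Summary | Format-Table -AutoSize
```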
Requirements
Windows OS
PowerShell 5.1 or higher
Administrator privileges
Telegram Bot Token and Chat ID
Installation
Clone the repository:
git clone https://github.com/GL1T0H/ThreatSentry.git
Usage
Run the script as an administrator:
.\ThreatSentry.ps1 -Telegram $true