Skip to content
/ TSPersistentService Public

Proof-of-concept script for live analysis of persistent Windows Services [MITRE T1543.003] as presented in the 2021 SEC-T Conference.

4 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Truesec/TSPersistentService

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 
TSPersistentService.psm1
TSPersistentService.psm1
 
 

Repository files navigation

TSPersistentService

Proof-of-concept script for live analysis of persistent Windows Services [MITRE T1543.003] as presented in the 2021 SEC-T Conference.

Usage

Get services

import-module .\TSPersistentService.psm1
Get-TSPersistentService

Get timeline of service-related events and save it as a CSV file.

import-module .\TSPersistentService.psm1
Get-TSPersistentService | ConvertTo-TSTimeline | Export-csv -NoTypeInformation -Encoding utf8 .\timeline.csv

Credits

About

Proof-of-concept script for live analysis of persistent Windows Services [MITRE T1543.003] as presented in the 2021 SEC-T Conference.

Resources

Readme
Activity
Custom properties

Stars

4 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages