Pywirt | Python Windows Incident Response Toolkit

image

Tested Windows 10

Description

With this application, it is aimed to accelerate the incident response processes by collecting information in windows operating systems via winrm.

Features

Information is collected in the following contents.

IP Configuration

Users

Groups

Tasks

Services

Task Scheduler

Registry Control

Active TCP & UDP ports

File sharing

Files

Firewall Config

Sessions with other Systems

Open Sessions

Log Entries

Installation

git clone https://github.com/anil-yelken/pywirt

cd pywirt

pip3 install pywinrm

Usage

The following information should be specified in the cred_list.txt file:

IP|Username|Password

Contact

https://twitter.com/anilyelken06

https://medium.com/@anilyelken

GitHub:

1 Like