BlueChecker will help you audit PowerShell and check for any suspicious activity. At the end it will then generate a report. Default location: C:\Temp\report.html
Simply download the script or run remotely using:
powershell –nop –c “iex(New-Object Net.WebClient).DownloadString(‘https://raw.githubusercontent.com/securethelogs/Bluechecker/master/BlueChecker.ps1’)”
Once ran, BlueChecker will check for:
- Powershell status
- Evidence of downgrading
- Registry and GP set for PowerShell auditing
- Malicious scripts using keywords
- Firewall spesific to Powershell
- Event logs for Module logging and script block logging.
Visit our website for more powershell hacking Tools and script. Visit Us : https://bit.ly/3x14PxZ Like Us : https://www.facebook.com/hac4all/ Follow Us : https://www.instagram.com/hac4all.official/ Subscribe to our Youtube Channel : https://www.youtube.com/channel/UClmgP0WC23lCsR8b3_SqI-A/videos