Skip to content

Commit

Permalink
Merge pull request #85 from reece394/master
Browse files Browse the repository at this point in the history 
Add Angry IP Scanner to DFIRBatch
  • Loading branch information
@AndrewRathbun
AndrewRathbun authored Dec 19, 2024
2 parents 212e31a + 213773e commit 2171db6
Show file tree
Hide file tree
Showing 2 changed files with 36 additions and 1 deletion.
1 change: 1 addition & 0 deletions BatchExamples/DFIRBatch.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ Example entry, please follow this format:
| 2.06 | 2024-09-06 | Added various JPCert artifacts around remote access tools, Added LogonStats and an example of DEFAULT registry hive use with WinSCP |
| 2.07 | 2024-11-26 | Added new artifacts from the DEFAULT registry hive |
| 2.08 | 2024-12-07 | Added WinSCP DEFAULT artifact back and added Advanced IP Scanner and Advanced Port Scanner Artifacts |
| 2.09 | 2024-12-19 | Added Angry IP Scanner Artifacts |

# Documentation

Expand Down
36 changes: 35 additions & 1 deletion BatchExamples/DFIRBatch.reb
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
Description: DFIR RECmd Batch File
Author: Andrew Rathbun
Version: 2.08
Version: 2.09
Id: 2e1589f5-e31a-4bef-822f-075d56afdddd
Keys:
#

Check warning on line 6 in BatchExamples/DFIRBatch.reb

View workflow job for this annotation

GitHub Actions / lintAllTheThings 

6:1 [comments-indentation] comment not indented like content
Expand Down Expand Up @@ -2965,6 +2965,40 @@ Keys:
Recursive: true
Comment: "Displays artifacts relating to Advanced IP Scanner"

# Third Party Applications -> Angry IP Scanner - https://angryip.org/

-
Description: Angry IP Scanner - Legacy
HiveType: NTUSER
Category: Third Party Applications
KeyPath: Software\Angryziber\ipscan
Recursive: true
Comment: "Displays artifacts relating to Angry IP Scanner"

-
Description: Angry IP Scanner - Legacy
HiveType: DEFAULT
Category: Third Party Applications
KeyPath: Software\Angryziber\ipscan
Recursive: true
Comment: "Displays artifacts relating to Angry IP Scanner"

-
Description: Angry IP Scanner
HiveType: NTUSER
Category: Third Party Applications
KeyPath: Software\JavaSoft\Prefs\ipscan
Recursive: true
Comment: "Displays artifacts relating to Angry IP Scanner"

-
Description: Angry IP Scanner
HiveType: DEFAULT
Category: Third Party Applications
KeyPath: Software\JavaSoft\Prefs\ipscan
Recursive: true
Comment: "Displays artifacts relating to Angry IP Scanner"

# --------------------
# CLOUD STORAGE
# --------------------
Expand Down

0 comments on commit 2171db6

Please sign in to comment.