Skip to content

Tool to search for IOCs related to HAFNIUM: CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065

License

Notifications You must be signed in to change notification settings

byinarie/Zirconium

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 

Repository files navigation

Copy of site photo temp (18)

ZIRCONIUM

ZIRCONIUM has been created to scan for Indicators of Compromise (IOCs) on Exchange Servers for signs of Zero-Day exploits used by HAFNIUM.

ZIRCONIUM will search for:

  • CVE-2021-26855
  • CVE-2021-26958
  • CVE-2021-26857
  • CVE-2021-27027065
  • Suspicious .dmp Files
  • .aspnet Files Found in inetpub and Exchange File Paths

Usage

Download the lastest version of ZIRCONIUM: https://github.com/SpearTip-Cyber-Counterintelligence/Zirconium/releases/download/1.0/Zirconium.exe

Move the latest version of ZIRCONIUM to your desktop and double click the application to start. ZIRCONIUM will begin to scan the system, outputting notification balloons to the bottom right-hand corner of the screen.

Once ZIRCONIUM has completed its scan, you will find a .txt file on your desktop labeled "ZIRCONIUM-Info.txt" that contains any information the application has found, including possible compromise, bad filepaths, etc.

About

Tool to search for IOCs related to HAFNIUM: CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published