Skip to content

Commit 2171db6

Browse files
AndrewRathbunAndrewRathbun
authored
Merge pull request #85 from reece394/master
Add Angry IP Scanner to DFIRBatch
2 parents 212e31a + 213773e commit 2171db6

File tree

2 files changed

+36
-1
lines changed

2 files changed

+36
-1
lines changed

BatchExamples/DFIRBatch.md

+1
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,7 @@ Example entry, please follow this format:
5555
| 2.06 | 2024-09-06 | Added various JPCert artifacts around remote access tools, Added LogonStats and an example of DEFAULT registry hive use with WinSCP |
5656
| 2.07 | 2024-11-26 | Added new artifacts from the DEFAULT registry hive |
5757
| 2.08 | 2024-12-07 | Added WinSCP DEFAULT artifact back and added Advanced IP Scanner and Advanced Port Scanner Artifacts |
58+
| 2.09 | 2024-12-19 | Added Angry IP Scanner Artifacts |
5859

5960
# Documentation
6061

BatchExamples/DFIRBatch.reb

+35-1
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
Description: DFIR RECmd Batch File
22
Author: Andrew Rathbun
3-
Version: 2.08
3+
Version: 2.09
44
Id: 2e1589f5-e31a-4bef-822f-075d56afdddd
55
Keys:
66
#
@@ -2965,6 +2965,40 @@ Keys:
29652965
Recursive: true
29662966
Comment: "Displays artifacts relating to Advanced IP Scanner"
29672967

2968+
# Third Party Applications -> Angry IP Scanner - https://angryip.org/
2969+
2970+
-
2971+
Description: Angry IP Scanner - Legacy
2972+
HiveType: NTUSER
2973+
Category: Third Party Applications
2974+
KeyPath: Software\Angryziber\ipscan
2975+
Recursive: true
2976+
Comment: "Displays artifacts relating to Angry IP Scanner"
2977+
2978+
-
2979+
Description: Angry IP Scanner - Legacy
2980+
HiveType: DEFAULT
2981+
Category: Third Party Applications
2982+
KeyPath: Software\Angryziber\ipscan
2983+
Recursive: true
2984+
Comment: "Displays artifacts relating to Angry IP Scanner"
2985+
2986+
-
2987+
Description: Angry IP Scanner
2988+
HiveType: NTUSER
2989+
Category: Third Party Applications
2990+
KeyPath: Software\JavaSoft\Prefs\ipscan
2991+
Recursive: true
2992+
Comment: "Displays artifacts relating to Angry IP Scanner"
2993+
2994+
-
2995+
Description: Angry IP Scanner
2996+
HiveType: DEFAULT
2997+
Category: Third Party Applications
2998+
KeyPath: Software\JavaSoft\Prefs\ipscan
2999+
Recursive: true
3000+
Comment: "Displays artifacts relating to Angry IP Scanner"
3001+
29683002
# --------------------
29693003
# CLOUD STORAGE
29703004
# --------------------

0 commit comments

Comments
 (0)