BlackLotus_Ioc_scan_Powershell/README.md

# BlackLotus_Ioc_scan_Powershell

Powershell script(s) to scan windows PC for published IoCs of BlackLotus bootkit documented by [Eset](https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/) and [Microsoft](https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/)


Usage:

Open Powershell (as Admin) and run: 

<code>.\Black-Lotus_check.ps1 </code>


![Execution](./Execution.PNG)
Initial commit 2023-06-21 07:31:39 +00:00			`# BlackLotus_Ioc_scan_Powershell`

Update 'README.md' 2023-06-21 08:08:14 +00:00			`Powershell script(s) to scan windows PC for published IoCs of BlackLotus bootkit documented by [Eset](https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/) and [Microsoft](https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/)`
Update 'README.md' 2023-06-21 07:49:51 +00:00


			`Usage:`
Update 'README.md' 2023-06-21 07:50:00 +00:00
Update 'README.md' 2023-06-21 07:54:45 +00:00			`Open Powershell (as Admin) and run:`

Update 'README.md' 2023-06-21 08:06:07 +00:00			`<code>.\Black-Lotus_check.ps1 </code>`
Update 'README.md' 2023-06-21 07:54:45 +00:00

Update 'README.md' 2023-06-21 08:05:35 +00:00			`![Execution](./Execution.PNG)`
Update 'README.md' 2023-06-21 07:56:20 +00:00
Update 'README.md' 2023-06-21 07:49:51 +00:00