Ekranoplan/BlackLotus_Ioc_scan_Powershell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Powershell script(s) to scan windows PC for published IoCs of BlackLotus bootkit documented by Eset And Microsoft
4 Commits 1 Branch 0 Tags 105 KiB
PowerShell 100%
914da153f7
Go to file
Ekranoplan 914da153f7 Update 'README.md'
2023-06-21 07:50:00 +00:00
Black-Lotus_check.ps1 Upload files to '' 2023-06-21 07:41:54 +00:00
LICENSE Initial commit 2023-06-21 07:31:39 +00:00
README.md Update 'README.md' 2023-06-21 07:50:00 +00:00

README.md

BlackLotus_Ioc_scan_Powershell

Powershell script(s) to scan windows PC for published IoCs of BlackLotus bootkit documented by Eset and Microsoft

https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/

https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/

Usage:

Open Powershell (as Admin) and run: .\Black-Lotus_check.ps1