Ekranoplan/BlackLotus_Ioc_scan_Powershell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9ceeffa597
BlackLotus_Ioc_scan_Powershell/README.md
Ekranoplan 9ceeffa597 Update 'README.md'
2023-06-21 07:56:20 +00:00

19 lines
552 B
Markdown
Raw Blame History

# BlackLotus_Ioc_scan_Powershell
Powershell script(s) to scan windows PC for published IoCs of BlackLotus bootkit documented by Eset and Microsoft
https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/
https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/
Usage:
Open Powershell (as Admin) and run:
.\Black-Lotus_check.ps1
![Execution](https://gitea.dmz.rs/Ekranoplan/BlackLotus_Ioc_scan_Powershell/src/branch/main/Execution.PNG)
Reference in New Issue View Git Blame Copy Permalink