THRecon - Threat Hunting Reconnaissance Toolkit.

THRecon – Threat Hunting Reconnaissance Toolkit.

THRecon is a Powershell module for Threat-Hunting and Reconnaissance toolkit.
Function Feature:
+ Get-THR_ADS: Performs a search for alternate data streams (ADS) on a system. Default starting directory is c:\temp.
+ Get-THR_ARP: Gets the arp cache from all connected interfaces for the given computer(s).
+ Get-THR_Autoruns: Gets a list of programs that auto start for the given computer(s).
+ Get-THR_BitLocker: Gets the current BitLocker details to include recovery key of a given system.
+ Get-THR_Computer: Gets general system information on a given system. Includes data from Win32_ComputerSystem, Win32_OperatingSystem, and win32_BIOS.

THRecon

+ Get-THR_DLLs: Gets a list of DLLs loaded by all process on a given system.
+ Get-THR_DNS: Gets the DNS cache from all connected interfaces for the given computer(s).
+ Get-THR_Drivers: Gets a list of drivers for the given computer(s).
+ Get-THR_EnvVars: Retreives the values of all environment variables from one or more systems.
+ Get-THR_GroupMembers: Gets a list of the members of each local group on a given system.
+ Get-THR_Handles: Gets a list of Handles loaded by all process on a given system.
+ Get-THR_Hardware: Gets a list of installed devices for the given computer(s).
+ Get-THR_Hosts: Gets the arp cache from all connected interfaces for the given computer(s).
+ And Many More..

Dependencies:
+ Powershell v3.0 or above

Use and Download:

Source: https://github.com/TonyPhipps