So I'm working on a project to find malware in my network. I'm trying to automate Autoruns (Sysinternals) in order to find anomalies or changes in startup on workstations. To do so, I want to make daily reports for multiple workstations each day and check for changes against previous reports (finding differences). So I need a couple of pieces of advice:

1. Should I remotely execute the script with PsExec (Sysinternals)? It seems way too risky with a highly privileged account... Is there any other way?
2. Is there any working software for finding differences between reports (XML, CSV, or just text)? (Easy to use, free, and for Windows.)

I have already tried to make it using C, but it is too much effort. Should I write it in Python or another language like C#...

I would use silentrunners.org to create daily snapshots. Then you could compare those and, should something change, flag that system for further review. Windows has FC, which "Compares two files or sets of files and displays the differences between them."
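
An added example, not part of the original question or answer: one way to do the snapshot comparison described above in Python, keyed on the autostart entry rather than on text lines, so reordered rows do not show up as changes. The column names, the choice of key and the sample rows are assumptions constructed for illustration; match them to the header of your own CSV reports.

```python
import csv
import io

# Column names are assumptions; adjust them to the header of your reports.
KEY_COLS = ("Entry Location", "Entry")
WATCH_COLS = ("Enabled", "Image Path", "Launch String", "SHA-256")


def load_snapshot(text):
    """Index one CSV report by (autostart location, entry name)."""
    rows = {}
    for row in csv.DictReader(io.StringIO(text)):
        key = tuple((row.get(c) or "").strip().lower() for c in KEY_COLS)
        rows[key] = {c: (row.get(c) or "").strip() for c in WATCH_COLS}
    return rows


def diff_snapshots(old_text, new_text):
    """Return added, removed and modified autostart entries."""
    old, new = load_snapshot(old_text), load_snapshot(new_text)
    changed = {}
    for key in sorted(old.keys() & new.keys()):
        delta = {c: (old[key][c], new[key][c])
                 for c in WATCH_COLS if old[key][c] != new[key][c]}
        if delta:
            changed[key] = delta
    return {
        "added": sorted(new.keys() - old.keys()),
        "removed": sorted(old.keys() - new.keys()),
        "changed": changed,
    }


# Constructed sample reports for one workstation (not real tool output).
HEADER = "Entry Location,Entry,Enabled,Image Path,Launch String,SHA-256\n"
RUN = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
UPD = r"C:\Program Files\App\upd.exe"
OLD = r"C:\Tools\old.exe"
NEW = r"C:\Users\Public\x.exe"
DAY1 = HEADER + (f"{RUN},Updater,enabled,{UPD},{UPD} /s,1111\n"
                 f"{RUN},OldTool,enabled,{OLD},{OLD},2222\n")
DAY2 = HEADER + (f"{RUN},Updater,enabled,{UPD},{UPD} /s,9999\n"
                 f"Task Scheduler,NewTask,enabled,{NEW},{NEW},3333\n")

if __name__ == "__main__":
    for kind, items in diff_snapshots(DAY1, DAY2).items():
        print(kind, items)
```

For real reports, read each file with the encoding your collection step wrote it in and pass the text to `diff_snapshots`; any workstation with a non-empty result is the one to flag for review.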