View Code? Open in Web Editor
NEW
Windows Intrusion Detection System: detect changes in Registry Keys, Services, Scheduled Tasks
C# 44.60%
PowerShell 50.63%
Inno Setup 4.77%
poormansids's Introduction
Windows Intrusion Detection System: detect changes in Registry Keys, Services, Scheduled Tasks
Tray-Icon App which starts with Windows ( Registry Run Key )
includes setup file to install locally for every user and adds the Registry Key
- PowerShellScript which create local reference files
- WPF App which calls the PS script periodically (like every 15 minutes)
if it detects changes a blue box pops up in the bottom right corner of your screen:
double click on the IDS TrayIcon to:
- call the script
- reset reference files
- set timer to different value
right click on tray-icon -> exit
- the powershell script creates the reference files on first start or if one is missing
- automatically show the blue ballon
- in main window you can call the script automatically:
## setup instructions
- compile
- copy PoorMansIDS.ps1 in the same directory as PoorMansIDS.exe
- start
- see setup_src on how-to create a setup.exe installer with InnoSetup
poormansids's People
Contributors
Stargazers
Watchers