Skip to content
/ MOVEit-IIS-Log-Scanner Public

A simple script to scan IIS logs for potential exploitation of MOVEit

s1.ai/moveit

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SentineLabs/MOVEit-IIS-Log-Scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

LICENSE

LICENSE

 
 

README.md

README.md

 
 

SentinelIISScanner.ps1

SentinelIISScanner.ps1

 
 

Repository files navigation

For more information see the blog post: https://s1.ai/MOVEit

This is a simple script to scan IIS logs for potential exploitation of MOVEit. It iterates through the path passed in the command line and scans all files ending in ".log" for strings associated with the exploit. The script will copy all lines that match the patterns to ".\results.log".

Usage:
SentinelIISScanner.ps1 <path_to_iis_logs>

Example:
SentinelIISScanner.ps1 C:\inetpub\logs\LogFiles

About

A simple script to scan IIS logs for potential exploitation of MOVEit

s1.ai/MOVEit

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Languages