
Scripts & Tools

A collection of PowerShell and Python utilities developed for systems administration, incident response, and data management.

Download All

You can download all the scripts listed below in a single compressed archive: Download Scripts.zip

Incident Response & Monitoring

NetstatHunter (PowerShell)

A continuous network monitoring script designed for Domain Controllers. It detects ransomware patterns, port scanning, C2 beaconing, and authentication anomalies (Brute Force, Kerberoasting, Pass-the-Hash).

  • Use Case: Active threat hunting and detection during incident response.
  • Detections: Qilin-specific IOCs, SMB floods, unusual port activity, and administrative share access.

Data & Migration Management

Archive Discovery Scanner (PowerShell)

A read-only scanner for network shares that identifies candidates for archiving based on file age and finds potential duplicates.

  • Use Case: Planning data migrations or freeing up space on production file servers.
  • Output: Professional HTML reports and CSV summaries.

Long Path Reporter (PowerShell)

Identifies files and folders that exceed the Windows 260-character path limit, which often causes issues during migrations or backups.

  • Use Case: Pre-migration health checks for file shares.
  • Features: Flags "Archive Candidates" (7+ years old) and generates detailed reports.

IP & Network Utilities

IP Blocklist Checker (Python)

A CLI tool to verify if an IP address is on the buildsetupinstall.com blocklist and retrieve detailed ASN/Geo information via ipinfo.io and RIPEstat.

  • Use Case: Troubleshooting firewall blocks and investigating suspicious IPs.

Exchange Server Utilities

Yearly Mailbox Exporter (PowerShell)

Automates the export of Exchange mailboxes into yearly PST files to avoid performance issues with oversized data files.

  • Use Case: Legal discovery and long-term email archiving.
  • Features: Throttles concurrent exports to maintain server stability.

IT field notes from STL Net Services.