Author: Michał Sołtysik
Cybersecurity Analyst & Consultant | Deep Packet Inspection Analyst | Digital Forensics Examiner | SOC Trainer | CyberWarfare Organizer
Official website: https://michalsoltysik.com/
LinkedIn: https://www.linkedin.com/in/michal-soltysik-ssh-soc/
Accredible: https://www.credential.net/profile/michalsoltysik/wallet
Credly: https://www.credly.com/users/michal-soltysik
Email: [email protected]
Written in PowerShell (built on top of the .NET Framework and .NET Core).
Compiled to .exe executable files with the MZ file header.
License: Free for personal and commercial use.
Overall summary:
Each script individually performs one of the following functions: (1) continuously monitors a specified file for changes and copies it to the user's desktop when modifications occur; (2) monitors a specified directory for changes and copies its contents to another directory continuously; and (3) monitors a specified directory for file system changes, logging them, and providing real-time notifications.
Tool name: FileCatcherBeforeRemoval.exe
Purpose: This script continuously monitors a specified file for changes and copies it to the user's desktop when modifications occur.
Tool name: DirectoryCatcherBeforeRemoval.exe
Purpose: This script is designed to monitor a specified directory for changes and copy its contents to another directory continuously.
Tool name: FileWatcher.exe
Purpose: The script monitors a specified directory for file system changes, logging them and providing real-time notifications.
Tool name: FileWatcherWithExactTimestamps.exe
Purpose: FileWatcherWithExactTimestamps is an updated version of FileWatcher that provides exact timestamps in milliseconds, unlike FileWatcher, which provides timestamps in seconds.