PowerShell script for detecting and remediating BatShadow threat actor's Vampire Bot malware. Based on threat intelligence from Aryaka Threat Research Labs (October 2025). Scans for malicious files, suspicious processes, C2 connections, registry persistence, and provides automated remediation capabilities.

PowerShell script to detect indicators of SORVEPOTEL malware on Windows systems. Scans for suspicious ZIP extractions in temp directories, active WhatsApp Web processes, recent PowerShell execution logs, and newly created scheduled tasks. Designed to identify systems potentially compromised by the self-propagating WhatsApp-based malware targeting enterprise environments in late 2024.

Quickly close windows 11 vulnerable ports. Save file as .bat and run. *Use at own risk