Halulraj/PS-FIM

A lightweight PowerShell-based host file integrity monitoring tool that addresses unauthorized changes through SHA-256 hashing and user attribution tracking.

# PS-FIM (PowerShell File Integrity Monitor)

A lightweight, professional-grade Host-based Intrusion Detection System (HIDS) developed in PowerShell. This tool monitors directory integrity using cryptographic hashing and tracks unauthorized changes with user-action attribution.

## 🚀 Features

- **SHA-256 Integrity Verification:** Detects even single-bit changes in file content.
- **Real-time Monitoring:** Continuous scanning with configurable intervals.
- **Security Hardening:** Automatically protects the baseline database with 'Read-Only' and 'Hidden' attributes.
- **User Attribution:** Identifies the specific Windows user responsible for file modifications via ACL lookups.
- **Detailed Logging:** Generates security-event logs for auditing.

## 🛠️ Configuration

Edit the `config.json` file to customize your environment:

- `MonitorPath`: The directory to secure.
- `ScanInterval`: Frequency of checks (in seconds).
- `Exclusions`: Define specific file types or names to ignore.

## 📋 Requirements

- Windows PowerShell 5.1+
- Administrator privileges (required for retrieving Owner/ACL information)
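The baseline-and-compare cycle described above, as an added sketch that is not PS-FIM's own source: it hashes the monitored tree with SHA-256, rescans on the configured interval, and logs created, modified and deleted files with the owner read from the ACL. The function names, the log path and the shape of the configuration values (string path, integer seconds, wildcard patterns) are assumptions; only the three key names come from the README.

```powershell
# Added example, not PS-FIM source. Function names and value shapes are assumptions.
function Get-FimSnapshot {
    param([string]$Path, [string[]]$Exclusions = @())
    $snapshot = @{}
    Get-ChildItem -LiteralPath $Path -File -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $name = $_.Name; -not ($Exclusions | Where-Object { $name -like $_ }) } |
        ForEach-Object {
            # Files that are locked or vanish mid-scan yield no hash and are skipped.
            $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
            if ($hash) { $snapshot[$_.FullName] = $hash.Hash }
        }
    return $snapshot
}

function Compare-FimSnapshot {
    param([hashtable]$Baseline, [hashtable]$Current)
    foreach ($file in $Current.Keys) {
        if (-not $Baseline.ContainsKey($file)) { $change = 'Created' }
        elseif ($Baseline[$file] -ne $Current[$file]) { $change = 'Modified' }
        else { continue }
        # Get-Acl returns the file's owner, which is not always the account
        # that made the change; treat it as a lead, not proof.
        $owner = (Get-Acl -LiteralPath $file -ErrorAction SilentlyContinue).Owner
        [pscustomobject]@{ Time = Get-Date; Change = $change; Path = $file; Owner = $owner }
    }
    foreach ($file in $Baseline.Keys) {
        if (-not $Current.ContainsKey($file)) {
            [pscustomobject]@{ Time = Get-Date; Change = 'Deleted'; Path = $file; Owner = $null }
        }
    }
}

# Constructed configuration using the key names from the README (values are samples).
$config = @'
{ "MonitorPath": "C:\\FimDemo", "ScanInterval": 10, "Exclusions": ["*.log", "*.tmp"] }
'@ | ConvertFrom-Json

$logPath  = Join-Path $env:TEMP 'fim-demo.log'   # kept outside the monitored tree
$baseline = Get-FimSnapshot -Path $config.MonitorPath -Exclusions $config.Exclusions

while ($true) {
    Start-Sleep -Seconds $config.ScanInterval
    $current = Get-FimSnapshot -Path $config.MonitorPath -Exclusions $config.Exclusions
    # The baseline is never refreshed, so a deviation is reported on every scan until resolved.
    Compare-FimSnapshot -Baseline $baseline -Current $current |
        ForEach-Object { '{0:o} {1} {2} owner={3}' -f $_.Time, $_.Change, $_.Path, $_.Owner } |
        Tee-Object -FilePath $logPath -Append
}
```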