Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
A one-liner powershell script for testing if your station is infected by the CIA's Angelfire. Path known from: https://wikileaks.org/vault7/document/Angelfire-2_0-UserGuide/Angelfire-2_0-UserGuide.pdf
if ((Get-Item -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Windows').GetValue('SystemLookup')) {Write-Host "Angelfire found!"} else {Write-Host "Nothing"}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment