13 lines
639 B
Markdown
13 lines
639 B
Markdown
# LoLRMM Detector
|
|
|
|
Detects unauthorized Remote Monitoring and Management (RMM) tools on Windows endpoints by comparing running processes, services, scheduled tasks, network connections, and registry artifacts against the live [lolrmm.io](https://lolrmm.io) catalog. Raises a Syncro alert when unapproved RMM tooling is found.
|
|
|
|
See [project.md](project.md) for full architecture, detection layers, allowlist design, and deployment details.
|
|
|
|
## Files
|
|
|
|
| File | Description |
|
|
|---|---|
|
|
| `lolrmm_syncro_detector.ps1` | Main Syncro script — deploy this |
|
|
| `project.md` | Architecture, detection layers, allowlist design, deployment guide |
|