drop hosts file content or paste text · analyze hosts file for suspicious entries · detect dns hijacking and security tool blocking entries · surface anti-forensic and evasion-related host overrides · runs locally
hosts content
artifacts
drop hosts file or sysmon file modify csv
or click
baseline: 127.0.0.1 localhost + ::1 localhost only · flags security vendor / forensic tool blocks · sysmon 11/23 on hosts path
paste hosts file content or drop hosts / sysmon csv