kansa - A Powershell incident-response framework.

kansa – A Powershell incident-response framework.

Kansa is A modular incident response framework in Powershell. It’s been tested in PSv2 / .NET 2 and later and works mostly without issue.

Latest Change 23/3/2017:
+ Modules: Removes -nobanner flag

kansa

What does it do?
It uses Powershell Remoting to run user contributed, ahem, user contri-buted modules across hosts in an enterprise to collect data for use during incident response, breach hunts, or for building an environmental baseline.

Usage:

Source: https://github.com/davehull