Kansa is A modular incident response framework in Powershell. It’s been tested in PSv2 / .NET 2 and later and works mostly without issue.
Latest Change 23/3/2017:
+ Modules: Removes -nobanner flag
What does it do?
It uses Powershell Remoting to run user contributed, ahem, user contri-buted modules across hosts in an enterprise to collect data for use during incident response, breach hunts, or for building an environmental baseline.
git clone https://github.com/davehull/Kansa && cd kansa
Set-ExecutionPolicy AllSigned | RemoteSigned | Unrestricted
.\Kansa.ps1 -TargetList hostlist -Analysis