PowerForensics is a PowerShell digital forensics framework.

PowerForensics is a PowerShell digital forensics framework.

PowerForensics is a PowerShell digital forensics framework. It currently supports NTFS and is in the process of adding support for the ext4 file system.
with Cmdlets Function:
– Boot Sector
– New Technology File System (NTFS)
– Extended File System 4 (ext4)
– Windows Artifacts
– Utilities.

PowerForensics is a PowerShell digital forensics framework.

PowerForensics is a PowerShell digital forensics framework.

Module Installation Using PS-Get:
1. (new-object Net.WebClient).DownloadString(“http://psget.net/GetPsGet.ps1”) | iex
2. Set-ExecutionPolicy RemoteSigned
3. install-module PsUrl
4. install-module -ModuleUrl https://github.com/Invoke-IR/PowerForensics/archive/master.zip
5. Get-Module -ListAvailable -Name PowerForensics
6. Import-Module PowerForensics
7. Get-Command -Module PowerForensics
8. Done!

Source : https://github.com/Invoke-IR | http://www.invoke-ir.com/