PowerForensics v1.0.1 released - is a PowerShell digital forensics framework.

PowerForensics v1.0.1 released – is a PowerShell digital forensics framework.

Changelog v-1.0.1:
+ This release features minor bug fixes, initial Pester tests, and updated help.
+ It also signifies the merging of the PowerForensics_Source and the PowerForensics repos.

ScreenCapture PowerForensics-v1.0.1

ScreenCapture PowerForensics-v1.0.1

PowerForensics is a PowerShell digital forensics framework. It currently supports NTFS and is in the process of adding support for the ext4 file system.

PowerForensics is a PowerShell digital forensics framework.

PowerForensics is a PowerShell digital forensics framework.

with Cmdlets Function:
Boot Sector

New Technology File System (NTFS)

Extended File System 4 (ext4)

Windows Artifacts

Utilities.

Formatters:

Module Installation:
The easiest way to install PowerForensics is through the Install-Module cmdlet. This is available by default in Windows 10, but can also be installed via the Windows Management Framework or the standalone MSI installer:

Download : PowerForensics.zip(287 KB) | Our Post Before
Source: https://github.com/Invoke-IR