PowerForensics v1.0.2 released – is a PowerShell digital forensics framework.

PowerForensics v1.0.2 released – is a PowerShell digital forensics framework.

Changelog PowerForensics v1.0.2:
Added 5 cmdlets:
+ Get-ForensicOfficeFileMru
+ Get-ForensicOfficeOutlookCatalog
+ Get-ForensicOfficePlaceMru
+ Get-ForensicOfficeTrustRecord
+ Get-ForesnicRunKey
A number of bugs fixed and code efficiencies added

PowerForensics-v1.0.2

PowerForensics-v1.0.2

PowerForensics is a PowerShell digital forensics framework. It currently supports NTFS and is in the process of adding support for the ext4 file system.

PowerForensics is a PowerShell digital forensics framework.

PowerForensics is a PowerShell digital forensics framework.

with Cmdlets Function:
Boot Sector

New Technology File System (NTFS)

Extended File System 4 (ext4)

Windows Artifacts

Utilities.

Formatters:

Module Installation:
The easiest way to install PowerForensics is through the Install-Module cmdlet. This is available by default in Windows 10, but can also be installed via the Windows Management Framework or the standalone MSI installer:

Download : PowerForensics.zip(372 KB) | Our Post Before
Source: https://github.com/Invoke-IR