PowerForensics v2.0 – PowerShell Digital Forensics.

PowerForensics v2.0 – PowerShell Digital Forensics.

Changelog PowerForensics v2.0:
* Reorganized and Unified
– Unified PowerForensics, PowerForensicsCore, and PowerForensicsv2
– Working on HFS+ and Ext4 parsing
* Consolidated PowerForensics and PowerForensicsCore Modules
* Updates PowerForensics CoreCLR DLL.

PowerForensics v2.0: Consolidated PowerForensics and PowerForensicsCore Modules.

PowerForensics v2.0:
Consolidated PowerForensics and PowerForensicsCore Modules.

PowerForensics is a PowerShell digital forensics framework. It currently supports NTFS and is in the process of adding support for the ext4 file system.

with Cmdlets Function:
Boot Sector

New Technology File System (NTFS)

Extended File System 4 (ext4)

Windows Artifacts

Utilities.

Formatters:

Module Installation:

Source: https://github.com/Invoke-IR | Our Post Before