Posts Tagged ‘forensics with PowerShell’

Most Recent
 
Read More
2018-04-02

Bypassing AppLocker with PowerShell Scripts

Several years ago, Microsoft announced a new tool – AppLocker, which, according to the developers, was designed to increase the level of security when working in Windows. Unfortunately, the way was uncovered, in which you can run any application in the system bypassing AppLocker and without administrator rights.

167
 
Read More
2018-02-28

How to find a USB History with PowerShell

Undoubtedly, you know about the existence of the Windows PowerShell environment. It plays a very prominent role among Microsoft products. Although Windows PowerShell includes a simple and powerful language for writing scripts. One of the advantages of this technology is that it can be used as a convenient command shell without writing complex scripts.

742
 
Read More
2018-02-11

Analyzing an attack with powershell

Nikhil Mittal has shared the presentation ‘Hacked? Pray that the Attacker used PowerShell’. It tell us how to find fingerprints of an attack with powershell in a compromised system.

213
 
Read More
2018-02-04

PowerShell Forensics

The work of Ryan Kazannian and Matt Hastings for their research on the attacks of Powershall served as a starting point and the main resource for research on this topic. Recently, David Wells has been working on this for a long time.

500
Latest Headlines
 
Read More
342
 
Read More
208
 
Read More
488

Trending Topics
digital forensics
computer forensics
Articles
mobile forensics
DFIR
digital forensics software
Android forensics
windows forensics
incident response
Top Stories
 
 
Right Now
 
bstrings 1.0 released
Top Five
Heat Index
 
1
Decrypting encrypted WhatsApp databases without the key
 
2
How to Make the Forensic Image of the Hard Drive
 
3
Extracting data from SmartSwitch backups
 
4
Forensic tools for your Mac
 
5
Android forensic analysis with Autopsy