The research of Ryan Kazanciyan and Matt Hastings on PowerShell attacks served as the starting point and the main resource for research on this topic. More recently, David Wells has also been working on it for a long time.
PowerShell Logs Forensic Analysis
Roberto Rodriguez wrote a post in which he demonstrated detailed steps for setting up, consuming and analyzing the logs. When he talks about the enhanced logging of PowerShell, he is first of all talking about enabling script block logging.