Magnet User Summit 2019 April 2, 2019

Leveraging PowerShell and Python for Incident Response and Live Forensic Applications

Chet Hosmer, Author, Python Forensics

This lecture/demonstration brings together the Python programming language and Microsoft’s PowerShell to address digital investigations at a new level. PowerShell provides digital investigators with a rich set of cmdlets and deep access to the internals of the Windows Desktop, Cloud Services and now Linux and Mac. The Python development environment provides a rich scripting environment allowing for the rapid development of new tools, deep analysis, automation and correlation of evidence. Integrating the best of both technologies facilitates the creation of next-generation solutions for incident response, live forensic investigation, and e-Discovery. During this session, participants will learn the fundamentals of both PowerShell and Python, experience the value of integrating PowerShell and Python, and learn how to apply these open-source integrations to current challenges.

