PowerShell for Live Investigations

PowerShell for Live Investigations and Triage

  • PowerShell is a Microsoft framework that includes a command shell and a scripting language.
  • PowerShell is typically used by system administrators, IT teams, incident response groups and forensic investigators to investigate unauthorized or even criminal behavior.

Course Overview:

  • Setting up a PowerShell Environment
  • Using the PowerShell Help System
  • Leveraging Built-in and 3rd-Party Cmdlets
  • Applying PowerShell to Investigations and Incident Response scenarios
  • Developing Custom PowerShell Scripts to aid in discovery and forensic investigations