Live Response and Forensics with PowerShell

  • Category: Other
  • Type: Tutorials
  • Language: English
  • Total size: 470.4 MB
  • Uploaded By: tutsnode
  • Downloads: 67
  • Last checked: Mar. 29th '23
  • Date uploaded: Mar. 28th '23
  • Seeders: 0
  • Leechers: 0

Infohash : 38E43EAE84F869AE7956C66222A7DE4A07FD4114


Description

Performing security triage and forensics on a workstation is time-consuming and may require complex tools. In this course, you will learn how to use PowerShell to perform triage and disk forensics combined with readily available system tools.

Performing security triage and forensics can be a daunting task. However, many tools are available to make this process easier, one of which is PowerShell. In this course, Live Response and Forensics with PowerShell, you’ll learn how to use PowerShell to perform initial triage and forensics on a Windows workstation. First, you’ll explore PowerShell execution policies and collect system information. Next, you’ll discover how to create a triage script using PowerShell and extra components to investigate the workstation. Finally, you’ll learn how to use the PowerForensics framework to perform disk analysis and create a forensic timeline. When you’re finished with this course, you’ll have the PowerShell digital forensics skills and knowledge needed to perform triage and to assist in identifying what happened and potential remediation.

Last Updated 3/2023

Files:

Live Response and Forensics with PowerShell [TutsNode.net] - Live Response and Forensics with PowerShell
  • powershell-live-response-forensics.zip (37.7 MB)
  • 2. Using Execution Policies to Control PowerShell
    • 6. Demo - Understand the Impact of Execution Policies.vtt (13.9 KB)
    • 1. Agenda.vtt (1.0 KB)
    • 5. Understand the Impact of Execution Policies.vtt (2.6 KB)
    • 2. Review Execution Policies.vtt (9.7 KB)
    • 7. Summary.vtt (1.1 KB)
    • 4. Demo - Set and Remove Execution Policy Levels.vtt (7.8 KB)
    • 3. Set Execution Policies.vtt (3.5 KB)
    • 6. Demo - Understand the Impact of Execution Policies.mp4 (24.9 MB)
    • 2. Review Execution Policies.mp4 (14.8 MB)
    • 4. Demo - Set and Remove Execution Policy Levels.mp4 (9.8 MB)
    • 3. Set Execution Policies.mp4 (5.0 MB)
    • 5. Understand the Impact of Execution Policies.mp4 (3.2 MB)
    • 1. Agenda.mp4 (1.8 MB)
    • 7. Summary.mp4 (1.7 MB)
  • 05. Using PowerForensics to Perform Disk Analysis
    • 08. Demo - Perform Basic Disk Analysis Using PowerForensics - Part 2.vtt (13.0 KB)
    • 10. Demo - Perform Basic Disk Analysis Using PowerForensics - Part 4.vtt (12.2 KB)
    • 07. Demo - Perform Basic Disk Analysis Using PowerForensics - Part 1.vtt (11.2 KB)
    • 05. Demo - Install, Import, and Test PowerForensics.vtt (8.2 KB)
    • 04. Install and Import PowerForensics.vtt (2.6 KB)
    • 06. Performing Hard Disk Forensics.vtt (7.1 KB)
    • 02. Understand Disk Forensics.vtt (5.6 KB)
    • 09. Demo - Perform Basic Disk Analysis Using PowerForensics - Part 3.vtt (4.2 KB)
    • 11. Summary.vtt (2.1 KB)
    • 03. Review PowerForensics.vtt (2.1 KB)
    • 01. Agenda.vtt (2.0 KB)
    • 10. Demo - Perform Basic Disk Analysis Using PowerForensics - Part 4.mp4 (22.4 MB)
    • 08. Demo - Perform Basic Disk Analysis Using PowerForensics - Part 2.mp4 (21.8 MB)
    • 07. Demo - Perform Basic Disk Analysis Using PowerForensics - Part 1.mp4 (18.7 MB)
    • 09. Demo - Perform Basic Disk Analysis Using PowerForensics - Part 3.mp4 (13.3 MB)
    • 05. Demo - Install, Import, and Test PowerForensics.mp4 (12.0 MB)
    • 06. Performing Hard Disk Forensics.mp4 (9.0 MB)
    • 02. Understand Disk Forensics.mp4 (6.2 MB)
    • 11. Summary.mp4 (2.9 MB)
    • 04. Install and Import PowerForensics.mp4 (2.9 MB)
    • 01. Agenda.mp4 (2.4 MB)
    • 03. Review PowerForensics.mp4 (2.3 MB)
  • 4. Creating a Triage Script to Collect System Information
    • 2. Script Tasks.vtt (10.8 KB)
    • 6. Demo - Createing and Executing the Triage Script.vtt (10.7 KB)
    • 6. Demo - Createing and Executing the Triage Script.mp4 (34.7 MB)
    • 1. Agenda.vtt (0.9 KB)
    • 4. Demo - Create a Triage Script to Collect System Information - Supporting F.vtt (8.2 KB)
    • 7. Demo - Execute the Triage Script - Export Logs.vtt (7.4 KB)
    • 5. Demo - Create a Triage Script to Collect System Information - Supporting F.vtt (7.2 KB)
    • 8. Summary.vtt (1.8 KB)
    • 3. Demo - Create a Triage Script to Collect System Information - Create the V.vtt (4.8 KB)
    • 7. Demo - Execute the Triage Script - Export Logs.mp4 (20.3 MB)
    • 4. Demo - Create a Triage Script to Collect System Information - Supporting F.mp4 (17.2 MB)
    • 5. Demo - Create a Triage Script to Collect System Information - Supporting F.mp4 (17.1 MB)
    • 2. Script Tasks.mp4 (13.7 MB)
    • 3. Demo - Create a Triage Script to Collect System Information - Create the V.mp4 (7.2 MB)
    • 8. Summary.mp4 (2.0 MB)
    • 1. Agenda.mp4 (1.4 MB)
  • 03. Using PowerShell to Collect System Information
    • 08. Execute Supporting Tools.vtt (4.9 KB)
    • 13. Demo - Format the Retrieved Information.vtt (10.7 KB)
    • 05. Demo - Execute PowerShell Commands for System Information Retrieval.vtt (9.7 KB)
    • 06. Review Supporting Tools.vtt (7.9 KB)
    • 09. Demo - Execute Supporting Tools - TPC Port Information.vtt (7.0 KB)
    • 10. Demo - Execute Supporting Tools - Autorun Information.vtt (6.9 KB)
    • 04. Execute PowerShell Commands for System Information Retrieval.vtt (6.2 KB)
    • 11. Demo - Execute Supporting Tools - Session and Event Logs.vtt (6.1 KB)
    • 02. Review Required Triage Data.vtt (5.4 KB)
    • 12. How to Format the Retrieved Information.vtt (5.4 KB)
    • 01. Agenda.vtt (1.2 KB)
    • 07. Understand How to Use Supporting Tools with PowerShell.vtt (4.5 KB)
    • 03. Review Available Native PowerShell Commands.vtt (3.4 KB)
    • 14. Summary.vtt (1.6 KB)
    • 13. Demo - Format the Retrieved Information.mp4 (26.5 MB)
    • 05. Demo - Execute PowerShell Commands for System Information Retrieval.mp4 (19.5 MB)
    • 10. Demo - Execute Supporting Tools - Autorun Information.mp4 (15.5 MB)
    • 11. Demo - Execute Supporting Tools - Session and Event Logs.mp4 (10.8 MB)
    • 06. Review Supporting Tools.mp4 (8.9 MB)
    • 09. Demo - Execute Supporting Tools - TPC Port Information.mp4 (8.6 MB)
    • 04. Execute PowerShell Commands for System Information Retrieval.mp4 (8.1 MB)
    • 12. How to Format the Retrieved Information.mp4 (7.0 MB)
    • 08. Execute Supporting Tools.mp4 (6.5 MB)
    • 02. Review Required Triage Data.mp4 (6.4 MB)
    • 07. Understand How to Use Supporting Tools with PowerShell.mp4 (5.8 MB)
    • 03. Review Available Native PowerShell Commands.mp4 (4.5 MB)
    • 14. Summary.mp4 (2.1 MB)
    • 01. Agenda.mp4 (1.7 MB)
  • 1. Course Overview
    • 1. Course Overview.vtt (3.2 KB)
    • 1. Course Overview.mp4 (6.9 MB)
    • TutsNode.net.txt (0.1 KB)
    • [TGx]Downloaded from torrentgalaxy.to .txt (0.6 KB)