- Course
- Security
Live Response and Forensics with PowerShell
This course will teach you how to use PowerShell for performing initial security triage on workstations and disk forensics.
What you'll learn
The ability to perform security triage and forensics can be a daunting task. However, many tools are available to make this process easier, one of which is PowerShell. In this course, Live Response and Forensics with PowerShell, you’ll learn how to use PowerShell to perform initial triage and forensics on a windows workstation. First, you’ll explore PowerShell execution policies and collect system information. Next, you’ll discover how to create a triage script using PowerShell and extra components to investigate the workstation. Finally, you’ll learn how to use the PowerForensics framework to perform disk analysis and create a forensic timeline. When you’re finished with this course, you’ll have the skills and knowledge to use PowerShell for digital forensics needed to perform triage and assist in identifying what happened and potential remediation.
Table of contents
About the author
Liam began his career as a Trainer of all things computer-related. He quickly realized that programming, breaking, and hacking was a lot more fun.