Powershell forensic use
This is just a collection of links, most from the scripting guy about how to use PowerShell in forensic analysis of a computer system. I culled some of these together for the security group I belong to on campus, and before I lose them I thought I would drop them here.
- toolsmith: Security Investigations with PowerShell
- Learn the Easy Way to Use PowerShell to Get File Hashes
- Use PowerShell to Compute MD5 Hashes and Find Changed Files
- Beat the Auditors, Be One Step Ahead with PowerShell
- Learn How to Use PowerShell to Parse the Firewall Log
- Hey, Scripting Guy! Weekend Scripter: Scripting Microsoft Security Essentials
- Use PowerShell to Perform Offline Analysis of Security Logs
- Use PowerShell to Aid in Security Forensics