Live Response and Forensics with PowerShell

Focused View

Liam Cleary

1:45:46

80 View

1. Course Overview

1. Course Overview.mp4

02:19

2. Using Execution Policies to Control PowerShell

1. Understanding PowerShell Execution Policies.mp4

06:10

2. Setting PowerShell Execution Policies.mp4

02:39

3. Understanding the Impact of PoweShell Execution Policies.mp4

02:25

3. Using PowerShell to Collect System Information

1. Review Available Native PowerShell Commands.mp4

02:45

2. Demo - Execute PowerShell Commands for System Information Retrieval.mp4

06:48

3. Review Supporting Tools.mp4

04:53

4. Demo - Execute Supporting Tools.mp4

08:09

4. Creating a Triage Script to Collect System Information

1. Using a Triage Script to Collect System Information.mp4

04:32

2. Demo - Execute the Triage Script - Part 1.mp4

08:13

3. Demo - Execute the Triage Script - Part 2.mp4

06:39

4. Demo - Review the Triage Script Output.mp4

08:00

5. Using PowerForensics to Perform Disk Analysis

1. Understand Disk Forensics.mp4

05:20

2. Review PowerForensics.mp4

03:13

3. Demo - Disk Forensic Setup.mp4

03:11

4. Demo - Perform Basic Disks Analysis using PowerForensics Part 1.mp4

05:56

5. Demo - Perform Basic Disks Analysis using PowerForensics Part 2.mp4

05:37

6. Demo - Perform Basic Disks Analysis using PowerForensics Part 3.mp4

06:03

7. Demo - Finding a Malicious Task.mp4

04:14

8. Demo - Timeline Creation.mp4

08:40

Description

This course will teach you how to use PowerShell for performing initial security triage on workstations and disk forensics.

What You'll Learn?

The ability to perform security triage and forensics can be a daunting task. However, many tools are available to make this process easier, one of which is PowerShell. In this course, Live Response and Forensics with PowerShell, you’ll learn how to use PowerShell to perform initial triage and forensics on a windows workstation. First, you’ll explore PowerShell execution policies and collect system information. Next, you’ll discover how to create a triage script using PowerShell and extra components to investigate the workstation. Finally, you’ll learn how to use the PowerForensics framework to perform disk analysis and create a forensic timeline. When you’re finished with this course, you’ll have the skills and knowledge to use PowerShell for digital forensics needed to perform triage and assist in identifying what happened and potential remediation.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Computer Forensics

PowerShell

Liam Cleary

Instructor's Courses

Liam began his career as a trainer of all things computer-related. He quickly realized that programming, breaking, and hacking were much more fun. He spent the next few years working within core infrastructure and security services. He is the founder and owner of SharePlicity, a consulting company that focuses on all technology areas. His role within SharePlicity is to help organizations implement technology to enhance internal and external collaboration, document and records management, automate business processes, and security controls and protection. He is a Microsoft MVP and Microsoft Certified Trainer, focusing on architecture, security, and crossing the boundary into software development. Over the past few years, his specialty has been security in Microsoft 365 and its surrounding platforms. He can often be found at user groups or conferences, offering advice, spending time in the community, teaching his kids how to code, raspberry PI programming, hacking the planet, building Lego robots, or coaching soccer.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.