Profile cover photo
Profile photo
Jared Atkinson
92 followers
92 followers
About
Posts

Post has attachment
Installing PowerShell on OSX

Post has attachment
Installing PowerShell on OSX
Today, Microsoft announced the open sourcing of PowerShell. Not only does this mean that we (the community) can contribute to PowerShell in the form of issues and pull requests, but PowerShell is now available for OSX and *nix! PowerShell is now available o...

Post has attachment

Post has attachment
Copying Locked Files with PowerForensics
[Cmdlets referenced in this article must be run with Local Administrator or equivalent permissions] Every Forensicator or Incident Responder has run into the dreaded ‘locked file’ at least once (probably A LOT more than once). Whether it is the Master File ...

Post has attachment
New years resolution was to be more active on my blog... Here is the first post which describes how you can export locked files using PowerForensics.

Post has attachment

Post has attachment
On the Forensic Trail - Guid Partition Table (GPT)
[This is the 3rd in a multi-part series titled "On the Forensic Trail".  My goal with this series is to introduce my PowerShell Forensics module called PowerForensics, and the forensic artifacts that it parses.   This post covers the Guid Partition Table (G...

Post has attachment
Next post in my On the Forensics Trail series discussing the Master Boot Record and the PowerForensics cmdlets for parsing it.

Post has attachment
I am beginning a multi-part series on using my new PowerShell module called PowerForensics to perform forensic analysis on Windows hosts. 

The first post provides instructions for downloading PowerForensics from my github, and how to install the module in your PowerShell session.

Post has attachment
On the Forensic Trail - Preparing for our Journey
About a month ago, I posted about a PowerShell module I wrote called PowerForensics.  At the time, the module was nothing more than a proof of concept, but I wanted to show the DFIR community that PowerShell is a viable option for scalable deep dive disk an...
Wait while more posts are being loaded