A Digital Forensics framework for Windows PowerShell.

This module tries to enumerate all the persistence techniques implanted on a compromised machine.

A Digital Forensics framework for Windows PowerShell.

A Digital Forensics framework for Windows PowerShell.

Provides security focused PowerShell cmdlets to conduct security testing and forensics.

PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.

This module is using https://freegeoip.live API which is free. Yes. It's totally free. They believe that digital businesses need to get such kind of service for free. Many services are selling Geoip API as a service, but they think that it should be totally free. Feel free to their API as much as you want without any limit other than 10,000 queries... More info

Microsoft 365 Incident Response and Threat Hunting PowerShell tool. Osprey is designed to ease the burden on M365 administrators who are performing Cloud forensic tasks for their organization. It accelerates the gathering of data from multiple sources in the service that be used to quickly identify malicious presence and activity.

The DFIR-O365RC module will extract logs from the unified audit log (using Exchange Online and Purview), Entra ID Sign In logs, Entra ID Audit Logs, Azure Monitor and Azure DevOps activity logs