2016-04-12 Update: Removed links to scripts. These will be provided in a repo.

In the past two years since beginning forensic work, I have wanted to convert my “Live Response Scripts” to a system that could do much of the grunt, preview work for me; particularly, getting browser history dumps and basic registry information for report writing. I have also wanted to give PowerShell a whirl. Unfortunately (not surprising), I discovered that I PowerShell is not a flexible way to distribute scripts. It is amazingly good for IT work.

That said, I want to go ahead an upload the PowerShell version. While it is rough and only supports one external call, it should give a clear idea how the new version will function. Hopefully someone will also find the code useful. I do looking forward to Harlan Carvey releasing his forensic scanner.