Beginner Free

Windows Forensics using PowerShell

Learn how to gather essential system, user, and network information from Windows using PowerShell for DFIR readiness.

Self-Paced by Rajneesh Gupta

Overview

This project focuses on using PowerShell for Windows forensic analysis. You’ll learn how to collect critical system, user, process, and network data to identify suspicious activity, analyze evidence, and perform initial triage—all using built-in Windows tools without relying on external software.

What You'll Learn

  • System and User Enumeration

    Learn to gather key host details, logged-in users, and domain information using native PowerShell commands.

  • Process and Service Investigation

    Identify running processes and services, and detect anomalies by checking for non-standard paths or unauthorized executions.

  • Network and Connection Analysis

    Capture active network connections, open ports, and process-to-port mappings useful in forensic triage and monitoring.

Prerequisites

  • Basic understanding of **Windows operating system and file structure**
  • Familiarity with **PowerShell syntax and execution policies**
  • Awareness of **forensic concepts** like processes, services, and network connections

About Trainer

Rajneesh Gupta

Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity". As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.

Related Projects

Linux File System Analysis
Free Beginner

Practical triage of Linux file systems for anomalies, metadata, and hidden files

Apache Server Log Analysis using Splunk
Pro Intermediate

Detecting Brute Force, SQL Injection, XSS, and Suspicious Web Activity from Apache Access Logs with Splunk SIEM

Practical AWS Cloud Security Posture Assessment Using Scout Suite
Free Beginner

Identify real-world AWS attack surfaces through visual security posture analysis.