Pre-conference Hands-on Training


4 April 2017 | PRAGUE

Forensics Analysis with Power Shell

Trainers

Ivan Bacigal - Forensic expert
Lukas Hlavicka - Cyber Security Professional
Slavomir Ivancik - Penetration Tester

PowerShell Essentials

  • Cmdlets, Functions, Modules

    Collection data on Windows hosts with PowerShell

  • RAM, Logs, Files, Forensics image and hashing
  • Shadow copies

    Live system analysis

  • Running processes
  • Loaded registry files
  • Shadow copies
  • Network communication
  • Installed software
    ... much more

    Analysis of standard windows artifacts

  • Windows Logs
    - Detection and analyze of standard forensics questions
    - Intrusion detection
    - Lateral movement detection - Use of privileged accounts
  • Prefetch, history of web browsers

    Configure Windows to provide forensics artifacts

  • Run/stop processes
  • Audit access to specific files
  • Forward logs to secured location


    Get your Training pass early, seats are limited to 20 students.
    Earn 8 CPE Credits (upon request).

    Target Audience

  • First responders
  • Forensics analysts
  • Windows administrators
  • Security specialists
  • Pentesters


  • Diamond Sponsor:


    Platinum Sponsors:


    Gold Sponsors:


    Silver Sponsors:


    Sponsors:


    Media Partners:


    Supporting Partners:


    Supporting Professionals from:

    © 2013-2017QuBit Conference, The Universe of Cyber Security and Digital Forensics   Privacy disclaimer

    Web Analytics