PowerForensics
Remote Packet Dumps from PacketCache
This blog post describes how to dump a packet capture (pcap file) on a remote computer, which runs the PacketCache service, and retrieve that pcap file using only PowerShell. PacketCache is a ...
Toolsmith – GSE Edition: snapshot.ps1
I just spent a fair bit of time preparing to take the GIAC Security Expert exam as part of the requirement to recertify every four years. I first took the exam in ...