Defensive Security event.

Proposed sessions for this event:

  • Powerforensics - Forensics using Powershell by Malla Reddy
  • Powerforensics - Forensics using Powershell by Lionel Faleiro
Note: The session details including schedule are available below.

Powerforensics is a Powershell framework created for Hard Drive Forensic analysis by Jared Atkinson

We will be using it for Live Forensics, targeting the following:
- Acquiring protected files
- Windows Shortcuts
- Scheduled Jobs
- MRUs
- Prefetch
- Registry Analysis
- MFT Analysis
- Timelining

Hardware Requirements:
- Windows as Base OS.
- Minimum RAM 4 GB
- Powershell v5 (installed by default on win 10)
- FTK Imager (Used for mounting forensic images)
- Virtualbox installed
- Microsoft .net 4.6 installed

Note: Filling up the google form link provided below is important to get
yourself shortlisted for the workshop & only shortlisted will get mail for

Date Saturday September 23 2017
Chapter Mumbai
Registrations 42
Max Registrations Unlimited
Event Type Invite Only
Start Time 10:00 AM
End Time 03:00 PM

Session Schedule

Name Speaker Start Time End Time Resources
Powerforensics - Forensics using Powershell Malla Reddy 10:00 AM 01:00 PM
Powerforensics - Forensics using Powershell Lionel Faleiro 01:00 PM 03:00 PM


This is an invite only event. If you are selected you will receive further information via e-mail.