Wednesday, July 30, 2014

Kansa: A PowerShell-based incident response framework

Kansa is a free, open source, PowerShell-based incident response framework hosted at https://github.com/davehull/Kansa.

Kansa is modular. It features a core script, dozens of collector modules, and analysis scripts that help make sense of the collected data. Kansa takes advantage of Windows Remote Management and PowerShell remoting. It uses PowerShell's default non-delegated Kerberos network logons, not CredSSP, and therefore does not expose credentials to harvesting.
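The remoting choice described above, as an added PowerShell example that is not part of Kansa or of the original post: it warns if CredSSP is enabled on the local WinRM client, then connects to each target with Kerberos forced and reports the authentication package of the remote identity. The function name `Test-KerberosRemoting` and the host names are hypothetical.

```powershell
# Added example (not Kansa code). Host names below are constructed placeholders.
function Test-KerberosRemoting {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string[]]$ComputerName   # use host names; Kerberos needs an SPN, not an IP
    )

    # Client side: with CredSSP enabled here, this machine may delegate full
    # credentials to a remote host. Reading the WSMan: drive needs WinRM
    # running locally and an elevated prompt.
    $clientCredSSP = (Get-Item -Path WSMan:\localhost\Client\Auth\CredSSP).Value
    if ($clientCredSSP -eq 'true') {
        Write-Warning 'CredSSP is enabled on this WinRM client; review with Get-WSManCredSSP.'
    }

    foreach ($computer in $ComputerName) {
        try {
            # Forcing Kerberos makes the call fail instead of silently
            # negotiating a different authentication mechanism.
            $remote = Invoke-Command -ComputerName $computer -Authentication Kerberos `
                -ErrorAction Stop -ScriptBlock {
                    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
                    [pscustomobject]@{ User = $id.Name; AuthType = $id.AuthenticationType }
                }
            [pscustomobject]@{
                ComputerName = $computer
                User         = $remote.User
                AuthType     = $remote.AuthType
                Error        = $null
            }
        }
        catch {
            # Record the failure per host so one unreachable target does not stop the sweep.
            [pscustomobject]@{
                ComputerName = $computer
                User         = $null
                AuthType     = $null
                Error        = $_.Exception.Message
            }
        }
    }
}

Test-KerberosRemoting -ComputerName 'ws01.example.test', 'ws02.example.test' |
    Format-Table -AutoSize
```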

Source: PowerShell Magazine