Home

khenkell

SecPoSH is intended to be a PowerShell module consisting of scripts to aid Security Operations staff in investigating possible security incidents. Some scripts will parse or reformat the output of existing command-line tools to make it more PowerShell-friendly; others will help you interactively gather configuration data and event log entries, and carry out similar tasks you might face as an incident handler.

This project is closely related to the SecPoshMon project (https://sourceforge.net/projects/secposhmon/), which will handle scheduled data gathering and reporting, primarily around the SANS 20 Critical Security Controls, and which will be extensible through content packages.

Project Admins:

