Due to some of the constraints in managing the source URLs in PowerShell, I'd like to link to the great work by @digitalsleuth - https://github.com/digitalsleuth/winfor-salt. As per PR #38, we have reached feature parity there.
regripper - Maintainer contacted (also part of Autopsy)
Nimi Places not launching; may not show tools by category. All shortcuts are under Forensics tools on the desktop.
Shortcuts may not show in their category with Nimi Places. A workaround is to change your profile directory username and user directory to user,
i.e. C:\users\user\
Initial WSL2 implementation
Initial GUI implementation
GUI replication that categorises each tool, similar to the Windows SIFT VM.
Implementation of further tools upon request.
Please raise an issue for extra tools, or reopen #17.
Attempting to reach out to Kroll again for KAPE... requested numerous times
This script is designed for non-commercial use. By installing these scripts, you agree to be bound by the vendor's own licence agreement. No responsibility will be taken for licence misuse.
If you wish to use this script for commercial use, the following software requires licensing
64-bit Windows 10 1904 or above, set up as default with the username user,
so that profiles direct to C:\users\user
(Failure to do so results in shortcuts and Nimi Places not mapping correctly)
Virtualisation enabled in your VM if you wish to use WSL
Right-click on the Start menu and select Administrative Command Prompt
Set the PowerShell execution policy with
Set-ExecutionPolicy Unrestricted
Change to the download directory, i.e.
cd $home\Downloads
Install Chocolatey with
.\Get-Chocolatey.ps1
Install Git with
.\Get-Git.ps1
If desired, install WSL (Bash for Windows) with
.\Get-WSL.ps1
Then reboot
After the reboot, install Ubuntu with
.\Get-Ubuntu
If desired, install the experimental Windows Terminal feature with
.\Get-Terminal.ps1
Install the forensics tools with
.\Get-Forensics-Tools.ps1
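A pre-flight check for the requirements and steps above, as an added example that is not one of the project's scripts. It assumes it is run from the directory holding the downloaded Get-*.ps1 scripts; the helper name Add-Check is hypothetical.

```powershell
# Added example: pre-flight check for this README's requirements (not a project script).
# Assumption: run from the directory that holds the downloaded Get-*.ps1 scripts.
$results = [System.Collections.Generic.List[object]]::new()
function Add-Check([string]$Name, [bool]$Pass, [string]$Detail) {
    $results.Add([pscustomobject]@{ Check = $Name; Pass = $Pass; Detail = $Detail })
}

# 64-bit OS; the caption and build are reported for comparison with the requirement.
$os = Get-CimInstance -ClassName Win32_OperatingSystem
Add-Check '64-bit OS' ([Environment]::Is64BitOperatingSystem) "$($os.Caption) build $($os.BuildNumber)"

# Shortcuts and Nimi Places mapping depend on the profile living at C:\users\user.
Add-Check 'Profile path' ($env:USERPROFILE -ieq 'C:\Users\user') $env:USERPROFILE

# The install scripts need an elevated session.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]::new($identity)
$elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
Add-Check 'Elevated session' $elevated $identity.Name

# Effective execution policy: the README sets Unrestricted; Bypass also lets the scripts run.
$policy = Get-ExecutionPolicy
Add-Check 'Execution policy' ($policy -in 'Unrestricted', 'Bypass') "$policy"

# WSL only: firmware virtualisation reads False once a hypervisor is running, so accept either.
$cpu  = Get-CimInstance -ClassName Win32_Processor | Select-Object -First 1
$cs   = Get-CimInstance -ClassName Win32_ComputerSystem
$virt = [bool]$cpu.VirtualizationFirmwareEnabled -or [bool]$cs.HypervisorPresent
Add-Check 'Virtualisation (WSL only)' $virt "firmware=$($cpu.VirtualizationFirmwareEnabled) hypervisor=$($cs.HypervisorPresent)"

# The .ps1 scripts named in the steps above must be in the current directory.
foreach ($script in 'Get-Chocolatey.ps1', 'Get-Git.ps1', 'Get-WSL.ps1', 'Get-Terminal.ps1', 'Get-Forensics-Tools.ps1') {
    Add-Check "Script $script" (Test-Path -LiteralPath ".\$script" -PathType Leaf) $PWD.Path
}

$results | Format-Table -AutoSize
if ($results.Pass -contains $false) { Write-Warning 'One or more checks failed; see the table above.' }
```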
Note: if you want full system indexing, thanks to garbage Windows Search, you can either use Everything or change the indexing options to C:\. At this time, this is an issue that's beyond the scope of this project, as it requires a Windows SDK DLL. See #32
An open source project that aims to replicate the Windows SIFT machine used during SANS courses, minus any payware software. It aims to install the same tools forensic analysts have trained with during their SANS course, or to quickly prepare for a CTF, as there does not appear to be a similar open source VM available.
If you have any suggestions or feedback, or you are the developer or copyright holder of a package you do not want included in this script, please raise an issue.