Home

Awesome

Invoke-LiveResponse

The current scope of Invoke-LiveResponse is a live response tool for targeted collection. There are two main modes of use in Invoke-LiveResponse and both are configured by a variety of command line switches.

ForensicCopy

Live Response

Can be run:

Installation

Download Invoke-LiveResponse and extract into Powershell profile.

To run: Import-Module Invoke-LiveResponse

Help: Get-Help Invoke-LiveResponse -detailed

One liner install (if you trust me...)

PS> $url="https://raw.githubusercontent.com/mgreen27/Invoke-LiveResponse/master/Content/Ancillaries/Get-Forensicating.ps1";[Net.ServicePointManager]::SecurityProtocol = "tls12, tls11, tls";$WebClient=(New-Object System.Net.WebClient);$WebClient.Proxy=[System.Net.WebRequest]::GetSystemWebProxy();$WebClient.Proxy.Credentials=[System.Net.CredentialCache]::DefaultNetworkCredentials;Invoke-Expression $WebClient.DownloadString($url)

Documentation

https://github.com/mgreen27/Invoke-LiveResponse/wiki