-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtriage.ps1
More file actions
20 lines (15 loc) · 710 Bytes
/
triage.ps1
File metadata and controls
20 lines (15 loc) · 710 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# setup environment
$USER = $env:UserName
mkdir C:\Users\$USER\%DATE%_%TIME%\
Set-Location %DIRECTORY%
# output ipconfig data to a file
Get-NetIPAddress | Add-Content "IP.txt"
# output a list of all users with local accounts on this system to a file
netuser >> users.txt
Write-Output Acquired: %TIME% on %DATE$ | Add-Content "users.txt"
# output a list of detailed services to a file
Get-Service | Where-Object Status -eq "Running" | Out-GridView | Add-Content "services.txt"
# output a list of rinning services by priority to a file
Get-Process | Format-Table -View priority | Add-Content "services_priority.txt"
# output a list of scheduled tasks to a file
Get-ScheduledTask | Add-Content "schedule.txt"