The long awaited CyberPipe is here. A ton of updates to the script. See the blog post for the updates, and the problems and solutions found along the way.

https://bakerstreetforensics.com/2023/01/16/kape-batch-mode-arm-memory-updates-to-csirt-collect-and-all-the-things-i-learned-along-the-way/

Then head over to the releases on GitHub and try it out for yourself.

#DFIR #PowerShell #Triage #RAM.

GitHub: https://github.com/dwmetz/CyberPipe