https://evotec.xyz/es/tags/event-logEvotec Main Websitehttps://evotec.xyz/es/blog/restoring-recovering-powershell-scripts-from-event-logsA few days ago, I was asked to take a look at PowerShell Malware. While I don’t know much about malware, my curiosity didn’t let me skip on this occasion, and I was handed over WindowsPowerShell.evtx file. Ok, that’s not what I expected! I wanted PowerShell .ps1 files that I can read and assess? Well, you play with the cards you were dealt with. What I was handed over was PowerShell Event Log. PowerShell writes whatever you execute, and it thinks it is risky, to Windows PowerShell Operation Event Log.Fri, 28 Aug 2020 15:39:28 GMThttps://evotec.xyz/es/blog/restoring-recovering-powershell-scripts-from-event-logsevent logget-eventspowershellpowershellmanagerpseventviewerWindowshttps://evotec.xyz/es/blog/pswinreporting-forwarders-microsoft-teams-slack-microsoft-sql-and-moreIt’s been a while since PSWinReporting has been updated, or rather since I’ve written a blog post about it since it’s always…Sun, 16 Sep 2018 17:59:28 GMThttps://evotec.xyz/es/blog/pswinreporting-forwarders-microsoft-teams-slack-microsoft-sql-and-moreactive directoryevent logeventsmicrosoft teamsms sqlpowershellslacksqlteamsWindowshttps://evotec.xyz/es/blog/monitoring-active-directory-changes-on-users-and-groups-with-powershellWorking as Administrator with Active Directory can be rewarding. You can easily deploy new settings, make changes to users even…Fri, 23 Mar 2018 10:01:43 GMThttps://evotec.xyz/es/blog/monitoring-active-directory-changes-on-users-and-groups-with-powershellactive directoryevent idevent logevent viewereventsgroup membershipgroupsmonitoringpowershellsecurity eventsuser changesWindows