WIN-FOR
A Windows Forensics Toolkit and Environment Builder
The design behind this is to use a barebones Windows 10 VM (preferably 1909 and higher to support WSLv2). Once configured, and activated (to support customization features), then you can use the install.ps1 file to install all of the packages.
The install requires that the
Set-ExecutionPolicy feature be set to allow the script to run, at least twice, depending on your choices. This is best left to you to decide what is acceptable in your organization.For a listing of tools, check out the sub-sections from the menu on the left.
Last modified 1mo ago