A Windows Forensics Toolkit and Environment Builder


The design behind this is to use a barebones Windows 10 VM (preferably 1909 and higher to support WSLv2). Once configured, and activated (to support customization features), then you can use the install.ps1 file to install all of the packages.
The install requires that the Set-ExecutionPolicy feature be set to allow the script to run, at least twice, depending on your choices. This is best left to you to decide what is acceptable in your organization.
For more details, check out the Using the Installer section.
For a listing of tools, check out the sub-sections from the menu on the left.