init If you want to find out which executable were executed on a workstation in windows it is bit tricky to find. There are some ways you can detect that. In this post we will look into PowerForensic powershell scripts to check some of its features.
PowerForensic After you download and import the script, you will see the following commands available to the system. Remember to run the powershell as Administrator Below we can see that we can get last execution time for a specific application.
rezaur rahman
just thinking out loud to help others
cybersecurity researcher
Mars