Microsoft has continually evolved its technology and has introduced tools that can be used for intrusion analysis. The Windows Advanced Firewall and custom Windows Event Logs are examples, but this paper focuses on a quantum leap forward: PowerShell. Many analysts must use Windows as their...