PSListCopy File and file meta information acquisition using PowerShell in Live Response environment. Requirements Python 3.8+ Usage First, prepare a list of files to be collected from the Victim PC, such as tests\sample.txt. Create a PowerShell script with the following command. When collecting both files and metadata: python PSListCopy.py -l files.txt When collecting only metadata: python PSListCopy.py -l files.txt -n Move the PowerShell script(PSListCopy.ps1) to Victim PC. Run PowerShell as administrator on Victim PC. Enter the Set-ExecutionPolicy Unrestricted command to temporarily change the script execution policy. Run PSListCopy.ps1
