What is the pricing for PSRecon?

PSRecon is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/gfoss/PSRecon/ for download and installation instructions.

What are alternatives to PSRecon?

Popular alternatives to PSRecon include: 1. Aurora Incident Response - Incident Response Documentation tool for tracking findings and tasks. (Free) 2. libsmdev - A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation. (Free) 3. dfvfs - A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats. (Free) 4. RTIR - Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication. (Free) 5. The Sleuth Kit & Autopsy - Autopsy is a GUI-based digital forensics platform for analyzing hard drives and smart phones, with a plug-in architecture for custom modules. (Free) Compare these tools and more at https://cybersectools.com/categories/security-operations

Who should use PSRecon?

PSRecon is for security teams and organizations that need Evidence Collection, Memory Forensics. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations

PSRecon | CybersecTools

PSRecon

A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.

Free494

Visit Website

Compare

Free494

PSRecon

A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.

Visit Website

Data verified Apr 2026

Explore Security Operations 48 Alternatives Compare Stacks Market Map Explore All Tools

ADYour product here. Reach security decision-makers.Launch a campaign

PSRecon Description

Security Operations/Digital Forensics and Incident Response

Evidence Collection Memory Forensics

PSRecon is a PowerShell-based incident response and live forensic data acquisition tool that gathers data from a remote Windows host, organizes the data into folders, hashes all extracted data, and sends the data to the security team. It also includes endpoint lockdown functionality, allowing users to disable an active directory account or quarantine the host until IT/Security can respond. The tool provides a detailed report that is self-contained, making it easy to share. It can be integrated with the organization's Active Defense frameworks to automate rapid forensic data acquisition and lock down the endpoint. PSRecon can be run on local or remote hosts, and offers various options for enabling PSRemoting and Unrestricted PowerShell Execution.

PSRecon Description

Security Operations/Digital Forensics and Incident Response

Evidence Collection Memory Forensics

PSRecon FAQ

Common questions about PSRecon including features, pricing, alternatives, and user reviews.

PSRecon is A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts. It is a Security Operations solution designed to help security teams with Evidence Collection, Memory Forensics.

Have more questions? Browse our categories or search for specific tools.

PSRecon

PSRecon

PSRecon Description

PSRecon Description

PSRecon FAQ

FEATURED

ALTERNATIVES

POPULAR

TRENDING CATEGORIES

FEATURED

ALTERNATIVES

POPULAR

TRENDING CATEGORIES