From cffffd65bece2f3e2fd5edebac49379d1d4216dd Mon Sep 17 00:00:00 2001 From: Meir Wahnon Date: Thu, 4 Feb 2016 09:48:18 +0200 Subject: [PATCH] Adding PowerForensics to Windows Evidence Collection --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8f5eea8..89b950d 100644 --- a/README.md +++ b/README.md @@ -88,7 +88,7 @@ A curated list of tools and resources for security incident response, aimed to h * [Crowd Response](http://www.crowdstrike.com/community-tools/) - Crowd Response by CrowdStrike is a lightweight Windows console application designed to aid in the gathering of system information for incident response and security engagements. It features numerous modules and output formats * [LOKI](https://github.com/Neo23x0/Loki) - Loki is a free IR scanner for scanning endpoint with yara rules and other indicators(IOCs) * [TRIAGE-IR](https://code.google.com/p/triage-ir/) - Triage-IR is a IR collector for Windows - +* [PowerForensics](https://github.com/Invoke-IR/PowerForensics) - Live disk forensics platform, using PowerShall ### OSX Evidence Collection * [OSX Auditor](https://github.com/jipegit/OSXAuditor) - OSX Auditor is a free Mac OS X computer forensics tool
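Review bot: the added line in the README.md hunk misspells PowerShell as "PowerShall"; it should read `* [PowerForensics](https://github.com/Invoke-IR/PowerForensics) - Live disk forensics platform, using PowerShell`. The hunk also replaces the blank line that separated the Windows list from `### OSX Evidence Collection` instead of inserting above it, so the heading now directly follows the last bullet; add the entry before that blank line and keep the separator. The neighbouring entries visible in this hunk (Crowd Response, LOKI, TRIAGE-IR) are in alphabetical order, so placing PowerForensics between LOKI and TRIAGE-IR would match them.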