Skip to content
Parses KAPE module files and downloads binaries referenced by BinaryURL
Branch: master
Clone or download
Pull request Compare This branch is 4 commits ahead of EricZimmerman:master.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
7z first version Jan 22, 2019
Get-KapeModuleBinaries.ps1 Updated -modulepath parameter in examples Apr 19, 2019
LICENSE Create LICENSE Jan 22, 2019
README.md Updated -modulepath parameter in examples Apr 19, 2019

README.md

Get-KapeModuleBinaries

Downloads binaries used by KAPE

This script will discover and download all available EXE, ZIP, and PS1 files referenced in KAPE Module files and download them to $Dest

This was created from Eric Zimmerman's Get-ZimmermanTools script. I just modified a few things to have it parse the KAPE module (mkape) files and download binaries.

Rerunning the script will download a new copy of Eric's tools only if a newer version exists. All other tools will be download again even if a newer version is not available. To force Eric's tools to download a new copy, delete the line for that tool in the "!!!RemoteFileDetails.csv" file from the directory specified in the -Dest parameter.

Prerequisites

Installation

Download and extract zip. Set PowerShell execution policy to allow execution of scripts by launching PowerShell as an administrator and running the following:

PS C:\Tools> Set-ExecutionPolicy -executionpolicy bypass

Example

Downloads/extracts and saves details about programs to c:\tools directory.

PS C:\Tools> .\Get-KapeModuleBinaries.ps1 -Dest c:\tools -ModulePath "C:\Forensic Program Files\Zimmerman\Kape\Modules"

You can’t perform that action at this time.