PCAParser
A PowerShell script that can be used to parse and convert to CSV the new Windows 11 artifacts found in C:\Windows\appcompat\pca
MIT License
Stars
8
Ecosystems:
PowerShell,
Windows
PCAParser
A PowerShell 5 script that can be used to parse and convert to CSV the new Windows 11 artifacts found in C:\Windows\appcompat\pca
Documentation
Check out the blog post on AboutDFIR highlighting this new artifact here.
Sample Data
Sample artifacts to test this script on can be found in the DFIRArtifactMuseum, specifically here.