PowerShell DNS Forensics Tutorial | Investigate DNS Records Step-by-Step

Описание: "DNS Forensics Tutorial.

Today we’re diving into one of the most powerful—yet often overlooked—parts of cyber forensics: DNS investigation using PowerShell.
I’m going to demonstrate the top 20 commands every analyst should know to quickly interrogate DNS records, uncover suspicious domains, and perform effective DNS forensics.
Let’s get started."

Topics covered
• How to query DNS directly with PowerShell
• How to investigate suspicious domains
• How to gather evidence for forensic analysis
• How DNS records reveal attacker infrastructure
• Practical threat-hunting workflows

We will examine

✔ A Records (IPv4)
✔ AAAA Records (IPv6)
✔ MX Records (Mail servers)
✔ TXT Records (SPF, DKIM, DMARC)
✔ PTR Records (Reverse lookup)
✔ CNAME, NS, SOA, and more!