In this video walkthrough, we covered network analysis and forensics on Windows using PowerShell and CMD. We analyzed an infected machine making network connections to a C2 server and discovered a malicious process masquerading as python and executing a Python script that performs the C2 calls. We used PowerShell cmdlets to uncover the network connections and related artifacts. We used the TryHackMe Windows Network Analysis room for demonstration purposes.
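
One way to tie each established connection back to its owning process, shown as an added example that is not taken from the video or the TryHackMe room. The choice of cmdlets (`Get-NetTCPConnection`, `Get-CimInstance`, `Get-AuthenticodeSignature`) and the list of expected Python install directories are assumptions to adjust for the host being examined.

```powershell
# Added example: map established TCP connections to the owning process so a
# process named like python but running from an unexpected path stands out.
# Run from an elevated PowerShell session on the host under investigation.

# Index every process by PID (gives executable path, parent PID, command line).
$procs = @{}
Get-CimInstance -ClassName Win32_Process | ForEach-Object {
    $procs[[int]$_.ProcessId] = $_
}

# Assumption: directories where a legitimate python.exe is installed on this host.
$expectedRoots = @(
    "$env:ProgramFiles\Python",
    "$env:LOCALAPPDATA\Programs\Python"
)

$report = Get-NetTCPConnection -State Established |
    Where-Object { $_.RemoteAddress -notin @('127.0.0.1', '::1') } |
    ForEach-Object {
        $p    = $procs[[int]$_.OwningProcess]   # $null if the process already exited
        $path = $p.ExecutablePath

        # Is the image located under one of the expected install roots?
        $inExpected = $false
        foreach ($root in $expectedRoots) {
            if ($path -and $path.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) {
                $inExpected = $true
            }
        }

        [pscustomobject]@{
            RemoteAddress = $_.RemoteAddress
            RemotePort    = $_.RemotePort
            ProcessId     = $_.OwningProcess
            Name          = $p.Name
            ParentPid     = $p.ParentProcessId
            Path          = $path
            CommandLine   = $p.CommandLine      # shows which script the interpreter runs
            Signature     = if ($path) { (Get-AuthenticodeSignature -FilePath $path).Status }
            Review        = ($p.Name -like 'python*') -and (-not $inExpected)
        }
    }

# Rows flagged for review are listed first.
$report | Sort-Object Review -Descending | Format-List
```

A row with `Review` set to `True` is only a lead: confirm it against the command line, the parent process and the signature status before treating the process as malicious.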











