Add PowerShellConsoleHostHistory.tkape

[nisargsuthar]

Description

Add a target to collect the central file responsible for PowerShell command history, similar to .bash_history in Linux.

Checklist:

Please replace every instance of [ ] with [X] OR click on the checkboxes after you submit your PR

• I have generated a unique GUID for my Target(s)/Module(s)
• I have placed the Target(s)/Module(s) in an appropriate subfolder in Targets or Modules. If one doesn't exist, I have either added it to the Misc folder or created a relevant subfolder with justification
• I have set or updated the version of my Target(s)/Module(s)
• I have verified that KAPE parses the Target(s)/Module(s) successfully via kape.exe, using --tlist/--mlist and corrected any errors
• I have validated my Target(s)/Module(s) against test data and verified they are working as intended
• I have made an attempt to document the artifacts within the Target(s) or Module(s) I am submitting. If documentation doesn't exist, I have placed N/A underneath the Documentation header
• For Targets, I have consulted either the Target Guide, Target Template, Compound Target Guide, or Compound Target Template to ensure my Target(s) follow the same format
• For Modules, I have consulted either the Module Guide, Module Template, Compound Module Guide, or Compound Module Template to ensure my Module(s) follow the same format

If your submission involves an SQLite database, have you considered making an SQLECmd Map for the SQLite database? If you make a Map, please add the SQLite database to the SQLiteDatabases.tkape Compound Target.

Thank you for your submission and for contributing to the DFIR community!

[AndrewRathbun]

@nisargsuthar we already have https://github.com/EricZimmerman/KapeFiles/blob/master/Targets%2FLogs%2FPowerShellConsole.tkape. I presume this is what you were looking to do?

Great to see you btw 👋

[nisargsuthar]

Oh yes that's exactly it! I thought it would've been under the Windows category my bad for not checking each one, sorry. Closing this lol.