3gbCyber/IR-Last-Write-Time external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

3gbCyber/IR-Last-Write-Time

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/3gbCyber/IR-Last-Write-Time)

Close

3gbCyber / IR-Last-Write-TimeView on GitHubMore

• External links
• Readme badge

Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.

☆27Dec 1, 2022Updated 3 years ago

Alternatives and similar repositories for IR-Last-Write-Time

Users that are interested in IR-Last-Write-Time are comparing it to the libraries listed below

• gajos112 / PowerShell-Timeliner

  View on GitHub
  ☆12Jun 3, 2022Updated 3 years ago
• deepinstinct / DeMotet

  View on GitHub
  Unpacking and decryption tools for the Emotet malware
  ☆44Dec 5, 2021Updated 4 years ago
• n1ght-w0lf / pe-unmapper

  View on GitHub
  A small tool to unmap PE memory dumps.
  ☆11Nov 9, 2023Updated 2 years ago
• AndrewRathbun / EventTranscript.db-Research

  View on GitHub
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆43Jul 18, 2022Updated 3 years ago
• stuxnet999 / EventTranscriptParser

  View on GitHub
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Sep 13, 2023Updated 2 years ago
• archanchoudhury / Power-Forensics

  View on GitHub
  Power-Forensics is the Best Friend for Incident Responders to perform IR and collect evidences for Linux based host
  ☆12Jun 2, 2023Updated 2 years ago
• AndrewRathbun / Awesome-KAPE

  View on GitHub
  A curated list of KAPE-related resources
  ☆182May 1, 2025Updated 10 months ago
• Forensics-Lab / ReadFS

  View on GitHub
  A tool designed to extract data from a logical ReFS 3.4 forensic image produced by FTK Imager
  ☆16Nov 22, 2023Updated 2 years ago
• SecurityJosh / MuteSysmon

  View on GitHub
  A PowerShell script to prevent Sysmon from writing its events
  ☆16Apr 23, 2020Updated 5 years ago
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 4 years ago
• ch33r10 / BlueSpace2021

  View on GitHub
  Ekoparty's BlueSpace Keynote November 2021. Shoutout to @plugxor Muchas Gracias!!!
  ☆13Jun 5, 2023Updated 2 years ago
• dwmetz / detonaRE

  View on GitHub
  Capture. Detonate. Collect
  ☆14Sep 20, 2024Updated last year
• 3gbCyber / User_Accounts_Hunting

  View on GitHub
  The scrip will help you to find some values info for the user that you need as DFIR
  ☆16Nov 3, 2022Updated 3 years ago
• kacos2000 / WindowsTimeline

  View on GitHub
  Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
  ☆196Feb 16, 2023Updated 3 years ago
• bgrundy / cheatsheets-forensic

  View on GitHub
  Forensic cheatsheets for use with cheat
  ☆15Dec 2, 2021Updated 4 years ago
• AndrewRathbun / ForensicImageKAPEOutput

  View on GitHub
  A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!
  ☆17Aug 31, 2024Updated last year
• ashwin-patil / threat-hunting-with-notebooks

  View on GitHub
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆69Dec 2, 2022Updated 3 years ago
• RegSeek / regseek.github.io

  View on GitHub
  Vault of Windows Registry forensic artifacts
  ☆28Nov 12, 2025Updated 3 months ago
• ryanmrestivo / blue-team

  View on GitHub
  Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs…
  ☆39Apr 27, 2025Updated 10 months ago
• dwmetz / CyberPipe

  View on GitHub
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆341Dec 3, 2025Updated 3 months ago
• hackjalstead / IRCP

  View on GitHub
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆65Jan 31, 2022Updated 4 years ago
• AndrewRathbun / DFIRPowerShellScripts

  View on GitHub
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆51Jan 9, 2026Updated last month
• jklepsercyber / defender-detectionhistory-parser

  View on GitHub
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆117Jan 26, 2022Updated 4 years ago
• The-DFIR-Report / cyberchef-recipes

  View on GitHub
  ☆21May 8, 2022Updated 3 years ago
• theAtropos4n6 / Partition-4DiagnosticParser

  View on GitHub
  Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.
  ☆20Nov 28, 2023Updated 2 years ago
• ashemery / WindowsDFIR

  View on GitHub
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆77Jul 13, 2021Updated 4 years ago
• svch0stz / TheThreatHuntLibrary

  View on GitHub
  Library of threat hunts to get any user started!
  ☆49Sep 4, 2020Updated 5 years ago
• Silv3rHorn / evtx2json

  View on GitHub
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆41May 3, 2021Updated 4 years ago
• MSAdministrator / PowerUp-With-PowerShell

  View on GitHub
  This repository is for a beginners PowerShell training course I am holding in central Missouri.
  ☆20May 17, 2017Updated 8 years ago
• SafeBreach-Labs / CoWTools

  View on GitHub
  Tools for analyzing Windows containers and break container's isolation
  ☆32Aug 2, 2022Updated 3 years ago
• aaronst / talks

  View on GitHub
  Presentation materials for talks I've given.
  ☆20Oct 14, 2019Updated 6 years ago
• bradleyjkemp / sigma-esf

  View on GitHub
  Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework
  ☆22Jan 22, 2021Updated 5 years ago
• salehmuhaysin / DFIR-Tools

  View on GitHub
  All the useful tools interesting to be used
  ☆24Sep 20, 2022Updated 3 years ago
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆644Jun 19, 2024Updated last year
• BeanBagKing / EventFinder2

  View on GitHub
  Finds event logs between two time points. Useful for helpdesk/support/malware analysis.
  ☆47Feb 26, 2019Updated 7 years ago
• lucky-luk3 / Infosec_Notebooks

  View on GitHub
  ☆20May 10, 2023Updated 2 years ago
• CrowdStrike / xwf-yara-scanner

  View on GitHub
  ☆93Jul 30, 2025Updated 7 months ago
• packetsifter / packetsifterTool

  View on GitHub
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆93Jun 3, 2021Updated 4 years ago
• pr0xylife / Emotet

  View on GitHub
  IOC Collection 2022
  ☆57Mar 7, 2023Updated 2 years ago