3gbCyber/IR-Last-Write-Time external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

3gbCyber/IR-Last-Write-Time

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/3gbCyber/IR-Last-Write-Time)

Close

3gbCyber / IR-Last-Write-TimeView on GitHubMore

• External links
• Readme badge

Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.

☆27Dec 1, 2022Updated 3 years ago

Alternatives and similar repositories for IR-Last-Write-Time

Users that are interested in IR-Last-Write-Time are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• gajos112 / PowerShell-Timeliner

  View on GitHub
  ☆12Jun 3, 2022Updated 3 years ago
• deepinstinct / DeMotet

  View on GitHub
  Unpacking and decryption tools for the Emotet malware
  ☆44Dec 5, 2021Updated 4 years ago
• n1ght-w0lf / pe-unmapper

  View on GitHub
  A small tool to unmap PE memory dumps.
  ☆11Nov 9, 2023Updated 2 years ago
• archanchoudhury / Power-Forensics

  View on GitHub
  Power-Forensics is the Best Friend for Incident Responders to perform IR and collect evidences for Linux based host
  ☆12Jun 2, 2023Updated 2 years ago
• 3gbCyber / User_Accounts_Hunting

  View on GitHub
  The scrip will help you to find some values info for the user that you need as DFIR
  ☆16Nov 3, 2022Updated 3 years ago
• hackjalstead / IRCP

  View on GitHub
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆65Jan 31, 2022Updated 4 years ago
• stuxnet999 / EventTranscriptParser

  View on GitHub
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Sep 13, 2023Updated 2 years ago
• AndrewRathbun / Awesome-KAPE

  View on GitHub
  A curated list of KAPE-related resources
  ☆184May 1, 2025Updated 10 months ago
• dwmetz / detonaRE

  View on GitHub
  Capture. Detonate. Collect
  ☆14Sep 20, 2024Updated last year
• bgrundy / cheatsheets-forensic

  View on GitHub
  Forensic cheatsheets for use with cheat
  ☆15Dec 2, 2021Updated 4 years ago
• aaronst / talks

  View on GitHub
  Presentation materials for talks I've given.
  ☆20Oct 14, 2019Updated 6 years ago
• AndrewRathbun / ForensicImageKAPEOutput

  View on GitHub
  A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!
  ☆17Aug 31, 2024Updated last year
• RegSeek / regseek.github.io

  View on GitHub
  Vault of Windows Registry forensic artifacts
  ☆28Nov 12, 2025Updated 4 months ago
• AndrewRathbun / EventTranscript.db-Research

  View on GitHub
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆44Jul 18, 2022Updated 3 years ago
• AndrewRathbun / DFIRPowerShellScripts

  View on GitHub
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆51Jan 9, 2026Updated 2 months ago
• The-DFIR-Report / cyberchef-recipes

  View on GitHub
  ☆21May 8, 2022Updated 3 years ago
• Forensics-Lab / ReadFS

  View on GitHub
  A tool designed to extract data from a logical ReFS 3.4 forensic image produced by FTK Imager
  ☆16Nov 22, 2023Updated 2 years ago
• ryanmrestivo / blue-team

  View on GitHub
  Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs…
  ☆39Apr 27, 2025Updated 10 months ago
• dwmetz / CyberPipe

  View on GitHub
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆340Dec 3, 2025Updated 3 months ago
• kacos2000 / WindowsTimeline

  View on GitHub
  Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
  ☆196Feb 16, 2023Updated 3 years ago
• BeanBagKing / EventFinder2

  View on GitHub
  Finds event logs between two time points. Useful for helpdesk/support/malware analysis.
  ☆47Feb 26, 2019Updated 7 years ago
• jklepsercyber / defender-detectionhistory-parser

  View on GitHub
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆117Jan 26, 2022Updated 4 years ago
• CrowdStrike / xwf-yara-scanner

  View on GitHub
  ☆93Jul 30, 2025Updated 7 months ago
• csababarta / memory-baseliner

  View on GitHub
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆56Jul 2, 2023Updated 2 years ago
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 4 years ago
• SafeBreach-Labs / CoWTools

  View on GitHub
  Tools for analyzing Windows containers and break container's isolation
  ☆33Aug 2, 2022Updated 3 years ago
• AndrewRathbun / Anti-Forensics-VHDX

  View on GitHub
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆27Jan 2, 2023Updated 3 years ago
• edbltn / opencorporates_api

  View on GitHub
  How to use the opencorporates API
  ☆11Apr 2, 2018Updated 7 years ago
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆644Jun 19, 2024Updated last year
• AndrewRathbun / DFIRRegex

  View on GitHub
  A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
  ☆107Mar 12, 2026Updated last week
• ashemery / WindowsDFIR

  View on GitHub
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆77Jul 13, 2021Updated 4 years ago
• salehmuhaysin / DFIR-Tools

  View on GitHub
  All the useful tools interesting to be used
  ☆24Sep 20, 2022Updated 3 years ago
• ANSSI-FR / DFIR4vSphere

  View on GitHub
  Powershell module for VMWare vSphere forensics
  ☆170Nov 8, 2024Updated last year
• sisoma2 / malware_analysis

  View on GitHub
  Scripts, Yara rules and other files developed during malware investigations
  ☆27Aug 19, 2022Updated 3 years ago
• mandiant / vbScript_deobfuscator

  View on GitHub
  Help deobfuscate VBScript
  ☆18Jul 1, 2022Updated 3 years ago
• lucky-luk3 / Infosec_Notebooks

  View on GitHub
  ☆20May 10, 2023Updated 2 years ago
• Silv3rHorn / evtx2json

  View on GitHub
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆41May 3, 2021Updated 4 years ago
• Intrinsec / mplog_parser

  View on GitHub
  This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.
  ☆21Sep 30, 2022Updated 3 years ago
• ashwin-patil / threat-hunting-with-notebooks

  View on GitHub
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆69Dec 2, 2022Updated 3 years ago