Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.
☆27Dec 1, 2022Updated 3 years ago
Alternatives and similar repositories for IR-Last-Write-Time
Users that are interested in IR-Last-Write-Time are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆12Jun 3, 2022Updated 3 years ago
- Unpacking and decryption tools for the Emotet malware☆44Dec 5, 2021Updated 4 years ago
- A small tool to unmap PE memory dumps.☆11Nov 9, 2023Updated 2 years ago
- Power-Forensics is the Best Friend for Incident Responders to perform IR and collect evidences for Linux based host☆12Jun 2, 2023Updated 2 years ago
- The scrip will help you to find some values info for the user that you need as DFIR☆16Nov 3, 2022Updated 3 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Jan 31, 2022Updated 4 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Sep 13, 2023Updated 2 years ago
- A curated list of KAPE-related resources☆186May 1, 2025Updated last year
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Presentation materials for talks I've given.☆20Oct 14, 2019Updated 6 years ago
- A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!☆17Aug 31, 2024Updated last year
- Vault of Windows Registry forensic artifacts☆30Nov 12, 2025Updated 5 months ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆21May 8, 2022Updated 3 years ago
- A tool designed to extract data from a logical ReFS 3.4 forensic image produced by FTK Imager☆17Nov 22, 2023Updated 2 years ago
- Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!☆53Jan 9, 2026Updated 3 months ago
- Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs…☆39Apr 27, 2025Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆340Dec 3, 2025Updated 5 months ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆196Feb 16, 2023Updated 3 years ago
- Finds event logs between two time points. Useful for helpdesk/support/malware analysis.☆48Feb 26, 2019Updated 7 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆118Jan 26, 2022Updated 4 years ago
- ☆93Jul 30, 2025Updated 9 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆57Jul 2, 2023Updated 2 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆27Jan 2, 2023Updated 3 years ago
- How to use the opencorporates API☆11Apr 2, 2018Updated 8 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆647Jun 19, 2024Updated last year
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆108Mar 12, 2026Updated last month
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Jul 13, 2021Updated 4 years ago
- All the useful tools interesting to be used☆24Sep 20, 2022Updated 3 years ago
- Powershell module for VMWare vSphere forensics☆173Nov 8, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- ☆21May 10, 2023Updated 2 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆40May 3, 2021Updated 5 years ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆69Dec 2, 2022Updated 3 years ago
- ☆13Oct 21, 2022Updated 3 years ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆33Mar 9, 2022Updated 4 years ago