It's not just a UsnJrnl (USN Journal Records/Change Journal Records) parser. (☆23, Nov 11, 2018, updated 7 years ago)
Alternatives and similar repositories for usn_analytics
Users that are interested in usn_analytics are comparing it to the libraries listed below
- Windows Thingies in Python for live use. (☆24, Apr 22, 2019, updated 6 years ago)
- Registry to JSON. This project is for learning purposes and is not maintained. (☆12, Dec 28, 2021, updated 4 years ago)
- DeployREMnux is a Python script that will deploy a cloud instance of the public REMnux distribution in the Amazon cloud (AWS). (☆16, Dec 20, 2019, updated 6 years ago)
- USN to JSON (☆22, Apr 4, 2020, updated 5 years ago)
- -x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x- LD_PRELOAD based user-land rootkit for Linux platform. (☆28, Dec 10, 2020, updated 5 years ago)
- Parser for $UsnJrnl on NTFS (☆120, Nov 27, 2022, updated 3 years ago)
- Carve NTFS USN records from binary data (☆27, May 21, 2017, updated 8 years ago)
- Parses the WMI object database, looking for persistence (☆34, Dec 12, 2019, updated 6 years ago)
- Rekall Forensics and Incident Response Framework with rVMI extensions (☆33, Mar 25, 2021, updated 4 years ago)
- An AFF4 C++ implementation. (☆214, Mar 24, 2023, updated 2 years ago)
- Simple PowerShell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline. (☆32, Oct 13, 2018, updated 7 years ago)
- Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer. (☆39, Apr 11, 2020, updated 5 years ago)
- volatility explorer (☆92, Nov 16, 2020, updated 5 years ago)
- I2P Daemon written in Rust (☆14, Apr 7, 2017, updated 8 years ago)
- Visual-based analysis of file system metadata. The tool enables digital forensics of large volumes of data. (☆10, May 10, 2024, updated last year)
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection. (☆18, Mar 22, 2020, updated 5 years ago)
- Console application for downloading archival materials from the site https://cgamos.ru (☆13, Nov 7, 2025, updated 3 months ago)
- Implement MTCNN with Tensorflow.js. A face detection framework with MTCNN and Tensorflow.js (☆11, Jun 30, 2022, updated 3 years ago)
- Dumping credentials through windbg and pykd (☆41, Sep 25, 2023, updated 2 years ago)
- A collection of PowerShell scripts that are designed to be run from a Microsoft Defender for Endpoint Live Response terminal, utilizing o… (☆12, Apr 26, 2023, updated 2 years ago)
- A very basic app written in JavaScript and packaged as a Docker image to be used as a demo when testing clustered deployments in ECS/EKS. (☆11, Jun 30, 2023, updated 2 years ago)
- Sample queries for Advanced hunting in Windows Defender ATP (☆11, Apr 22, 2020, updated 5 years ago)
- In this article I've listed a collection of cheatsheets for digital forensics. It covers forensics topics for smartphone, memory, net… (☆13, Mar 8, 2020, updated 5 years ago)
- Indicators of compromise relating to our report on APT10's targeting of global MSPs (☆10, Sep 26, 2017, updated 8 years ago)
- Malware - Machine Learning (☆11, Mar 24, 2018, updated 7 years ago)
- Registry Based Artifact Collection and Correlation (☆10, Aug 18, 2015, updated 10 years ago)
- Dash rootkit. Linux Trojan Backdoor. (MALWARE) (☆11, Apr 3, 2023, updated 2 years ago)
- A no-code in-browser ML-Toolkit (☆11, updated this week)
- These scripts provide a quick and easy way to create BitLocker encrypted VHD (virtual hard disk) images using Batch or PowerShell. They… (☆10, Jan 7, 2021, updated 5 years ago)
- Some example code that I have collected while learning (☆10, Sep 25, 2016, updated 9 years ago)
- WPF helper library (☆14, Apr 6, 2019, updated 6 years ago)
- (☆12, Mar 24, 2018, updated 7 years ago)
- Legacy version of libewf (☆13, Dec 20, 2025, updated 2 months ago)
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes, e.g. multi-user processing (☆55, May 18, 2019, updated 6 years ago)
- (☆10, Jul 30, 2017, updated 8 years ago)
- FileSigExtractor is a Python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV… (☆10, Jul 15, 2023, updated 2 years ago)
- Not maintained, kept as some sites link to it. See https://github.com/Convery/Ayria_cpp (☆11, Aug 9, 2017, updated 8 years ago)
- [2007] Windows tool, offers the ability to dynamically and transparently modify incoming and outgoing network traffic, as well as to redi… (☆12, Nov 27, 2017, updated 8 years ago)
- Analyze the content of the PE file on Windows, and shell (pack) function for Windows drivers. (☆11, Nov 9, 2018, updated 7 years ago)