4n6ist / usn_analytics
It's not just UsnJrnl (USN Journal Records/Change Journal Records) parser.
☆23Updated 6 years ago
Alternatives and similar repositories for usn_analytics:
Users that are interested in usn_analytics are comparing it to the libraries listed below
- Capture BAT is a behavioral analysis tool of applications for the Win32 operating system family.☆32Updated 11 years ago
- Handy scripts to speed up malware analysis☆35Updated last year
- Windows registry samples☆23Updated 6 years ago
- Binary commandline executable to parse ETL files☆67Updated 6 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 6 years ago
- NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl☆37Updated 8 years ago
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- Telsy CTI Research Team☆57Updated 4 years ago
- This repository regroups the Yara Rules for the Unprotect Project☆24Updated 4 years ago
- Network detector for Winnti malware☆20Updated 7 years ago
- Steezy - Ghetto Yara Generation☆15Updated 2 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- TA505 unpacker Python 2.7☆47Updated 4 years ago
- Yara rules for detecting malware☆23Updated 6 months ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.