AmgdGocha / DriveFS-Sleuth
DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts. The tool was developed based on research performed by mounting different scenarios and noting down the changes in the Google Drive File Stream disk artifacts.
☆87 Updated last year
Alternatives and similar repositories for DriveFS-Sleuth
Users that are interested in DriveFS-Sleuth are comparing it to the libraries listed below
- ☆68 Updated 2 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆68 Updated 2 years ago
- Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol. ☆43 Updated last year
- Windows Forensics Environment Builder ☆175 Updated 2 months ago
- A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea… ☆115 Updated 2 weeks ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆89 Updated 11 months ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc… ☆59 Updated 7 months ago
- Parses USB connection artifacts from offline Registry hives ☆106 Updated 7 months ago
- Python script to walk a folder or a zip file for SQLite Databases ☆37 Updated 2 years ago
- Remote access and Antivirus Logging Database ☆45 Updated last year
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub ☆87 Updated 5 months ago
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container. ☆116 Updated 3 weeks ago
- Digital Forensics Artifacts Knowledge Base ☆89 Updated last month
- USN Journal full path builder ☆65 Updated last year
- A simple script to read the contents of a zip/tar/folder and extract metadata ☆21 Updated 4 months ago
- ☆58 Updated last week
- macOS Artifacts ☆33 Updated 11 months ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. ☆106 Updated 3 years ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project. ☆118 Updated 2 years ago
- A curated list of KAPE-related resources ☆177 Updated 9 months ago
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a… ☆226 Updated last month
- Chrome Logs Events and Protobuf Parser ☆40 Updated 3 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu… ☆55 Updated 2 years ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies ☆107 Updated last year
- A tool for fetching DFIR and other GitHub tools. ☆25 Updated 6 months ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis. ☆33 Updated 2 years ago
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts ☆77 Updated 3 months ago
- Vehicle Logs Events And Properties Parser ☆94 Updated 4 months ago
- Various PowerShell scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey! ☆49 Updated 3 weeks ago
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises. ☆29 Updated last year