DriveFS Sleuth is a Python tool that automates the investigation of Google Drive File Stream disk artifacts. The tool was developed based on research performed by mounting different scenarios and noting the changes in the Google Drive File Stream disk artifacts.
☆87 · Dec 20, 2024 · Updated last year
Alternatives and similar repositories for DriveFS-Sleuth
Users that are interested in DriveFS-Sleuth are comparing it to the libraries listed below.
- Google Filestream Forensic Tool ☆22 · Mar 10, 2022 · Updated 4 years ago
- ☆23 · Mar 12, 2025 · Updated last year
- Python web app for previewing data in a Chrome Profile Folder ☆26 · Jul 1, 2024 · Updated 2 years ago
- mister-skinnylegs is an open plugin framework for parsing website/webapp artifacts in browser data. It currently provides a command line … ☆20 · Nov 14, 2025 · Updated 7 months ago
- Parses RecentFileCacheParser.bcf files ☆31 · Apr 30, 2026 · Updated 2 months ago
- A tool for fetching DFIR and other GitHub tools. ☆29 · Aug 2, 2025 · Updated 10 months ago
- A repository of output using KAPE (!EZParser Module) for various publicly available forensic images! ☆17 · Aug 31, 2024 · Updated last year
- Search datasets for Bitlocker recovery files and triage live systems for Bitlocker keys. ☆56 · Jan 26, 2025 · Updated last year
- A hex viewer for the sleuths! ☆20 · Nov 7, 2025 · Updated 7 months ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P… ☆27 · Jan 2, 2023 · Updated 3 years ago
- Automatic, fast parsing of browser artifacts ☆17 · Jan 4, 2025 · Updated last year
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h… ☆14 · Jun 21, 2024 · Updated 2 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆12 · Aug 26, 2024 · Updated last year
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a… ☆234 · Updated this week
- USN Journal full path builder ☆69 · Apr 16, 2026 · Updated 2 months ago
- Slack Parser is a script to parse slack database and extract user-data, chat history, workspace information ☆16 · Feb 21, 2021 · Updated 5 years ago
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Parser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery … ☆22 · Jul 18, 2023 · Updated 2 years ago
- ☆61 · Apr 28, 2026 · Updated 2 months ago
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor. ☆20 · Nov 28, 2023 · Updated 2 years ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE) ☆196 · Feb 16, 2023 · Updated 3 years ago
- Parser for macOS/iOS FSEvents Logs ☆46 · May 6, 2024 · Updated 2 years ago
- Windows.EDB Browser ☆62 · Mar 6, 2023 · Updated 3 years ago
- Search Index Database Reporter ☆138 · Oct 28, 2025 · Updated 8 months ago
- This is to edit a training forensic image file (raw/dd) and zero out all the unnecessary files. ☆11 · Jun 21, 2025 · Updated last year
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. ☆43 · Jul 18, 2022 · Updated 3 years ago
- Parse Microsoft shim databases ☆32 · Apr 26, 2026 · Updated 2 months ago
- Carve $MFT records from a chunk of data (for instance a memory dump) ☆16 · Aug 21, 2016 · Updated 9 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and… ☆12 · May 6, 2026 · Updated last month
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… ☆113 · Jun 16, 2026 · Updated 2 weeks ago
- A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea… ☆121 · Updated this week
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV… ☆10 · Jul 15, 2023 · Updated 2 years ago
- My own diary notes. Adding the commands, tools, techniques, and resources that I will not memorize. ☆16 · Jul 5, 2023 · Updated 2 years ago
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Jun 27, 2023 · Updated 3 years ago
- Forensic Artifact Collection Tool for macOS ☆120 · Jul 28, 2025 · Updated 11 months ago
- ☆12 · Jun 20, 2020 · Updated 6 years ago
- OneDrive log .ODL reader ☆168 · Nov 3, 2024 · Updated last year
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis. ☆35 · Nov 16, 2023 · Updated 2 years ago
- DFIQ is a collection of investigative questions and the approaches for answering them ☆309 · Mar 10, 2026 · Updated 3 months ago