AmgdGocha / DriveFS-Sleuth
DriveFS Sleuth is a Python tool that automates the investigation of Google Drive File Stream disk artifacts. The tool was developed from research performed by mounting different scenarios and recording the resulting changes in the Google Drive File Stream disk artifacts.
☆77, updated last month
Alternatives and similar repositories for DriveFS-Sleuth:
Users interested in DriveFS-Sleuth are comparing it to the repositories listed below.
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub ☆65, updated last year
- Project based on RegRipper, to extract additional value/pivot points from TLN events file ☆82, updated last week
- Python-based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆68, updated last year
- USN Journal full path builder ☆54, updated 5 months ago
- Harness the power of Splunk for your investigations ☆87, updated 2 months ago
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts ☆56, updated 3 months ago
- Python script to walk a folder or a zip file for SQLite databases ☆38, updated last year
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc… ☆55, updated last week
- Remote access and antivirus logging database ☆43, updated 9 months ago
- ☆48, updated this week
- Various PowerShell scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey! ☆45, updated 4 months ago
- Memory Baseliner is a script that can compare two Windows memory images or perform frequency of occurrence / data stacking analysis on mu… ☆51, updated last year
- ☆66, updated 2 months ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. ☆91, updated 2 years ago
- Parses USB connection artifacts from offline Registry hives ☆94, updated last week
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project. ☆102, updated last year
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… ☆101, updated 4 months ago
- Windows Forensics Environment Builder ☆127, updated last month
- Chrome Logs Events and Protobuf Parser ☆36, updated 2 years ago
- Graphical interface for the forensic logical acquisition of Mac computers ☆77, updated 3 weeks ago
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) Python script to help make the documentation process easier. ☆26, updated last year
- Digital Forensics Artifacts Knowledge Base ☆77, updated 8 months ago
- Forensic Artifact Collection Tool Matrix ☆81, updated 3 months ago
- This is the repository for indicators of compromise (IOCs) and other data for threat intelligence articles posted on the Palo Alto Networ… ☆21, updated last month
- Logbook for Digital Forensics and Incident Response ☆50, updated 7 months ago
- Incident Response documents and tooling ☆68, updated last year
- The Threat Actor Profile Guide for CTI Analysts ☆104, updated last year
- A curated list of KAPE-related resources ☆161, updated 9 months ago
- Initial triage of Windows Event logs ☆95, updated 8 months ago
- ☆84, updated this week