Go implementation of an Extensible Storage Engine parser
☆32Feb 15, 2025Updated last year
Alternatives and similar repositories for go-ese
Users that are interested in go-ese are comparing it to the libraries listed below
Sorting:
- http://moaistory.blogspot.com/2016/08/ie10analyzer.html☆19Jul 20, 2024Updated last year
- A Dissect module implementing a parser for Microsofts Extensible Storage Engine Database (ESEDB), used for example in Active Directory, E…☆24Nov 20, 2025Updated 3 months ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆13Oct 27, 2023Updated 2 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Mount VSCs with ease!☆18Jan 22, 2025Updated last year
- Hunt the windows Registry automatically using VQL☆14Jan 6, 2026Updated last month
- Microsoft Endpoint Manager Related☆17Jan 24, 2026Updated last month
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆96May 9, 2023Updated 2 years ago
- Convert kirbi ticket from mimikatz into hashcat format to crack it☆13Mar 5, 2019Updated 6 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- PowerShell script and workflow for creating and importing a Win32 package into Intune for the Microsoft 365 Apps☆22Updated this week
- Keyhack - Golang API token/webhook validator☆16Mar 20, 2025Updated 11 months ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆18Oct 28, 2023Updated 2 years ago
- ☆44Sep 22, 2022Updated 3 years ago
- A library implementing a generic SQL like query language.☆21Sep 15, 2025Updated 5 months ago
- Tier0 (Tier Zero) Account discovery for ActiveDirectory Security☆17Apr 11, 2018Updated 7 years ago
- msuserstats is a comprehensive Powershell tool to manage accounts from Microsoft Entra ID and Active Directory. It supports: a unified vi…☆43Mar 13, 2025Updated 11 months ago
- ☆36Oct 5, 2016Updated 9 years ago
- Active Directory Toolkit☆20Apr 9, 2019Updated 6 years ago
- A Dockerized Ghidra Server☆15Jan 9, 2021Updated 5 years ago
- PowerShell based Microsoft DNS management tool set☆19May 26, 2016Updated 9 years ago
- ☆27Jul 13, 2025Updated 7 months ago
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆130Jan 31, 2022Updated 4 years ago
- A Portable Executable parser for Golang☆48Nov 7, 2025Updated 3 months ago
- Microsoft Active Directory (AD) Awesome List☆26Feb 27, 2025Updated last year
- Documentation site for Velociraptor☆68Updated this week
- Yet another registry parser☆138Apr 15, 2022Updated 3 years ago
- A PowerShell function that scans for the existence of a Sticky Keys backdoor.☆24Aug 10, 2017Updated 8 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆26Oct 25, 2020Updated 5 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- Fix acquired .evt - Windows Event Log files (Forensics)☆18Mar 29, 2016Updated 9 years ago
- ☆27May 1, 2023Updated 2 years ago
- ☆29Aug 19, 2020Updated 5 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Crack base64(sha256(username)) hash from Microsoft Event ID 1029☆23Aug 4, 2023Updated 2 years ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆159Jun 15, 2023Updated 2 years ago