Velocidex / go-eseLinks
Go implementation of an Extensible Storage Engine parser
☆30Updated 7 months ago
Alternatives and similar repositories for go-ese
Users that are interested in go-ese are comparing it to the libraries listed below
Sorting:
- Hunt for SQLite files used by various applications☆26Updated last month
- A Dissect module implementing a parser for Microsofts Extensible Storage Engine Database (ESEDB), used for example in Active Directory, E…☆21Updated last week
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆35Updated 2 years ago
- Powershell Event Tracing Toolbox☆77Updated 3 years ago
- Simple PowerShell script to enable process scanning with Yara.☆98Updated 2 years ago
- a tiny program to consume from ETW providers for research☆52Updated 8 months ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 9 months ago
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆37Updated last month
- ☆36Updated 2 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Updated 3 years ago
- ☆33Updated 3 years ago
- Build a domain with three quick PowerShell scripts!☆29Updated 5 years ago
- Evtx Log (xml) Browser☆56Updated 2 years ago
- ☆45Updated last year
- ☆94Updated 2 weeks ago
- Imphash-like calculation on Golang binaries☆49Updated 3 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆53Updated 2 years ago
- General Content☆26Updated last year
- A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…☆46Updated 2 years ago
- ☆23Updated 6 months ago
- Python DPAPI NG Decryptor for non-Windows Platforms☆63Updated 9 months ago
- Windows.EDB Browser☆58Updated 2 years ago
- SysInternals' Process Monitor filters repository - collected from various places and made up by myself. To be used for quick Behavioral a…☆70Updated 4 years ago
- THOR Thunderstorm Collectors☆25Updated last week
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser☆38Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- This aims to be a collection of tools to forensically analyze Active Directory databases☆25Updated 3 months ago
- Leghorn code for PKI abuse☆32Updated 4 years ago
- ☆14Updated 2 years ago
- ☆28Updated 3 years ago