abelcheung / rifiuti2
Windows Recycle Bin analyser
☆146 Updated last month
Alternatives and similar repositories for rifiuti2:
Users who are interested in rifiuti2 are comparing it to the libraries listed below:
- Parser for $UsnJrnl on NTFS ☆110 Updated 2 years ago
- exe2powershell - exe2bat reborn for modern Windows ☆172 Updated 4 years ago
- Commandline low level file extractor for NTFS ☆284 Updated 5 years ago
- Remove individual lines from Windows XML Event Log (EVTX) files ☆267 Updated 3 years ago
- Parse evtx files and detect use of the DanderSpritz eventlogedit module ☆148 Updated 7 years ago
- Allows you to quickly query a Windows machine for RAM artifacts ☆220 Updated 4 years ago
- 🚀AutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitima… ☆267 Updated 2 months ago
- Lnk Explorer Command line edition!! ☆293 Updated 2 months ago
- Cross-platform, open-source shellbag parser ☆150 Updated 2 years ago
- The oledump-contrib repository contains plugins and enhancements for the oledump tool published by Didier Stevens. ☆52 Updated 8 years ago
- ☆90 Updated 2 years ago
- Windows Shortcut file (LNK) parser ☆134 Updated 2 years ago
- Active Directory forensic framework ☆324 Updated 3 years ago
- A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs. ☆169 Updated last month
- SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-20… ☆573 Updated 5 years ago
- Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, wa… ☆139 Updated 2 months ago
- Tool to extract the $UsnJrnl from an NTFS volume ☆107 Updated 5 years ago
- Some PowerShell Stuff ☆282 Updated 2 years ago
- A list of ways to execute code on Windows using legitimate Windows tools ☆306 Updated 5 years ago
- Windows RID Hijacking persistence technique ☆172 Updated 4 months ago
- DLL Password Filter Implant with Exfiltration Capabilities ☆136 Updated 5 years ago
- Toolset for research malware and Cobalt Strike beacons ☆209 Updated 2 weeks ago
- Digital forensic acquisition tool for Windows based incident response. ☆338 Updated 10 months ago
- MSBuildShell, a Powershell Host running within MSBuild.exe ☆287 Updated 5 years ago
- Dump various types of Windows credentials without injecting in any process. ☆426 Updated 2 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts ☆425 Updated 4 years ago
- PowerShell module for Mimikatz ☆212 Updated 5 years ago
- A PoC WMI backdoor presented at Black Hat 2015 ☆273 Updated 9 years ago
- Windows 10 LPE (UAC Bypass) in Windows Store (WSReset.exe) ☆263 Updated 5 years ago
- Powershell script for enumerating vulnerable DCOM Applications ☆256 Updated 6 years ago