Tool to parse SRU database
☆25Mar 1, 2018Updated 7 years ago
Alternatives and similar repositories for SrumMonkey
Users that are interested in SrumMonkey are comparing it to the libraries listed below
Sorting:
- A GC link parser for both linkfiles and jumplists.☆18Oct 28, 2016Updated 9 years ago
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- A Windows Event Processing Utility☆47Feb 21, 2018Updated 8 years ago
- Discover USB device history for a specific user☆23Dec 28, 2015Updated 10 years ago
- Assorted classes and methods for indexing reports and retrieving information from an elastic index☆21Jul 5, 2016Updated 9 years ago
- Carve NTFS USN records from binary data☆27May 21, 2017Updated 8 years ago
- Recover event log entries from an image by heurisitically looking for record structures.☆26Oct 9, 2015Updated 10 years ago
- Various DFIR Tools☆27Jul 23, 2018Updated 7 years ago
- Crack base64(sha256(username)) hash from Microsoft Event ID 1029☆23Aug 4, 2023Updated 2 years ago
- PowerShell Utilities for Security Situational Awareness☆13Jan 10, 2017Updated 9 years ago
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago
- Tool to extract the $UsnJrnl from an NTFS volume☆110Jul 30, 2019Updated 6 years ago
- An NTFS journal parser☆80Mar 3, 2016Updated 9 years ago
- Parse Manifest.mbdb files from iTunes backup directories☆20Jun 29, 2017Updated 8 years ago
- Parse IE, FireFox, Chrome and Safari Cookies for Google Analytic values☆23Sep 3, 2016Updated 9 years ago
- A Volatility plugin for finding sqlite database rows☆21Jul 14, 2019Updated 6 years ago
- Decode security descriptors in $Secure on NTFS☆22Feb 24, 2022Updated 4 years ago
- macOS triage is a python script to collect various macOS logs, artifacts, and other data.☆25Mar 25, 2021Updated 4 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- Demonstrate the behavior of the tunnel cache on Windows☆11Aug 13, 2019Updated 6 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis.☆10Sep 28, 2020Updated 5 years ago
- Powerful commandline $MFT record editor.☆25Aug 15, 2015Updated 10 years ago
- A Backup for BMC Viewer☆33Nov 4, 2017Updated 8 years ago
- Edited version of Lee Christensen's Get-NetworkConnection which includes timestamp for each network connection☆36Mar 14, 2018Updated 7 years ago
- Parser for $UsnJrnl on NTFS☆120Nov 27, 2022Updated 3 years ago
- ☆11Aug 3, 2018Updated 7 years ago
- ☆23May 7, 2021Updated 4 years ago
- My Year of Python Repository☆28Jun 13, 2020Updated 5 years ago
- Tools for macOS Forensic Bootable media☆15May 20, 2020Updated 5 years ago
- Sharing my BITS☆13Feb 23, 2018Updated 8 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Parsers for .mdf file of Microsoft SQL Server (MSSQL)☆15Mar 28, 2020Updated 5 years ago
- SysScout is a fully encapsulated script that quickly and easily pulls local machine information from Linux-Based systems. A simple, easy…☆13Oct 20, 2017Updated 8 years ago
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆129Jan 31, 2022Updated 4 years ago
- Parses the WMI object database....looking for persistence☆34Dec 12, 2019Updated 6 years ago
- Lite version of PDF X-RAY that uses no backend☆38Nov 11, 2011Updated 14 years ago
- Some dfir stuff☆31Jan 12, 2022Updated 4 years ago
- A sort of a toolkit to decrypt Dropbox Windows DBX files☆31Apr 30, 2017Updated 8 years ago