dfirlabs / ntfs-specimens
NTFS file system specimens
☆13 Jul 3, 2023 Updated 2 years ago
Alternatives and similar repositories for ntfs-specimens
Users that are interested in ntfs-specimens are comparing it to the libraries listed below
- ☆24 Mar 12, 2025 Updated 11 months ago
- USN to JSON ☆22 Apr 4, 2020 Updated 5 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser ☆24 Jul 9, 2021 Updated 4 years ago
- Extension blocks as found in ShellBags and other places in the Registry ☆25 Jan 7, 2025 Updated last year
- A utility to force query DNS over DoH off of CloudFlare API when DNS block is in place ☆10 Aug 26, 2018 Updated 7 years ago
- Parsers for common structures across windows formats. ☆12 Aug 23, 2023 Updated 2 years ago
- Mimikatz embedded as classes ☆28 Oct 25, 2021 Updated 4 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆12 Aug 26, 2024 Updated last year
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 Feb 6, 2025 Updated last year
- An updated C# port of X-Ways X-Tensions API. ☆11 Mar 12, 2018 Updated 7 years ago
- Queries for parsed spotlight database in sqlite ☆13 Dec 29, 2020 Updated 5 years ago
- Windows registry samples ☆24 Nov 18, 2018 Updated 7 years ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results. ☆15 Jul 13, 2023 Updated 2 years ago
- Hundred Days of Yara Challenge ☆12 Jun 21, 2022 Updated 3 years ago
- Python Forensic and Log Analysis GUI ☆27 Dec 22, 2014 Updated 11 years ago
- Publicly shareable windows event log message data ☆28 Nov 29, 2019 Updated 6 years ago
- Virustotal Data to Timesketch ☆16 Feb 28, 2019 Updated 6 years ago
- ReviveIT (revit) is a proof of concept file recovery tool (carver) ☆12 Dec 3, 2020 Updated 5 years ago
- Manipulate timestamps on NTFS ☆52 Nov 10, 2014 Updated 11 years ago
- Copy of the libewf source code that is configured for a 64-bit MS Visual Studio build. ☆17 Aug 17, 2020 Updated 5 years ago
- Tools for macOS Forensic Bootable media ☆15 May 20, 2020 Updated 5 years ago
- This is a repository for reporting any issues in any of my software ☆13 May 15, 2018 Updated 7 years ago
- ☆30 Jul 17, 2018 Updated 7 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 Dec 28, 2021 Updated 4 years ago
- Evtx Log (xml) Browser ☆57 Mar 12, 2023 Updated 2 years ago
- A Golang Registry parser ☆19 Feb 3, 2025 Updated last year
- extract and parse WEVT_TEMPLATEs from PE files ☆18 Dec 30, 2023 Updated 2 years ago
- Just Another broken Registry Parser (JARP) ☆16 May 23, 2024 Updated last year
- Set up a quick and dirty audit log on an SQLite db. ☆16 May 16, 2013 Updated 12 years ago
- A Python parser for Rich Headers ☆15 Jun 2, 2015 Updated 10 years ago
- Sabonis, a Digital Forensics and Incident Response pivoting tool ☆18 Mar 3, 2022 Updated 3 years ago
- This module installs and configures MISP (Malware Information Sharing Platform) ☆14 Dec 29, 2025 Updated last month
- Fast lookup server for NSRL and other hash database used in digital forensic ☆48 Jan 26, 2026 Updated 2 weeks ago
- Create Logstash events from the Okta API! ☆19 Nov 29, 2022 Updated 3 years ago
- A golang implementation of a prefetch parser. ☆20 Oct 27, 2025 Updated 3 months ago
- Get USB Devices from Registry hives ☆22 Nov 15, 2021 Updated 4 years ago
- A Windows registry file parser written in Rust ☆41 Oct 30, 2025 Updated 3 months ago
- High-level Threat Intelligence playbooks ☆20 Mar 6, 2021 Updated 4 years ago
- Python bindings for LZFSE ☆18 Jul 9, 2020 Updated 5 years ago