forensenellanebbia / xways-forensics
Personal settings for X-Ways Forensics
☆32 · Apr 28, 2022 · Updated 3 years ago
Alternatives and similar repositories for xways-forensics
Users that are interested in xways-forensics are comparing it to the libraries listed below
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- X-Ways Forensic/ WinHex templates ☆50 · Jan 25, 2022 · Updated 4 years ago
- An advanced parser for INDX records ☆29 · Aug 7, 2019 · Updated 6 years ago
- An updated C# port of X-Ways X-Tensions API. ☆11 · Mar 12, 2018 · Updated 7 years ago
- A dedicated repo to interact with the API of Timesketch ☆12 · Sep 17, 2021 · Updated 4 years ago
- $MFT directory tree reconstruction & FILE record info ☆325 · Oct 7, 2024 · Updated last year
- Windows.EDB Browser ☆60 · Mar 6, 2023 · Updated 2 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts. ☆32 · Nov 23, 2025 · Updated 2 months ago
- Binaries for the log2timeline projects and dependencies ☆40 · Feb 8, 2026 · Updated last week
- Automatic log parser to support forensic analysis ☆11 · Jan 7, 2019 · Updated 7 years ago
- Various Topics ☆18 · Apr 30, 2025 · Updated 9 months ago
- This is a repository for reporting any issues in any of my software ☆13 · May 15, 2018 · Updated 7 years ago
- CDPO is a tool to validate, de-duplicate, combine, query, and encrypt track data recovered from a breach. ☆15 · Jun 23, 2017 · Updated 8 years ago
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser ☆42 · Updated this week
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Parser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery … ☆18 · Jul 18, 2023 · Updated 2 years ago
- Toolset to analyze disks encrypted with McAfee FDE technology ☆19 · Mar 11, 2021 · Updated 4 years ago
- Automated forensics written in PowerShell ☆34 · Sep 29, 2019 · Updated 6 years ago
- Winbuilder Mini-WinFE ☆16 · Jul 17, 2023 · Updated 2 years ago
- Parses KAPE module files and downloads binaries referenced by BinaryURL ☆18 · Oct 2, 2019 · Updated 6 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump) ☆16 · Aug 21, 2016 · Updated 9 years ago
- Get USB Devices from Registry hives ☆22 · Nov 15, 2021 · Updated 4 years ago
- ☆20 · Jan 10, 2025 · Updated last year
- ☆21 · May 8, 2022 · Updated 3 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. ☆43 · Jul 18, 2022 · Updated 3 years ago
- Library to process OLE compound file format. This is a work in progress and was initially written for jumplist parsing (for which it does… ☆19 · Feb 2, 2025 · Updated last year
- Tools from WFA 4/e, timeline tools, etc. ☆145 · Feb 29, 2024 · Updated last year
- Parser for $LogFile on NTFS ☆212 · Jun 1, 2025 · Updated 8 months ago
- Papers and Presentations from the DFRWS Conferences ☆20 · Jul 12, 2022 · Updated 3 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train. ☆20 · Feb 20, 2020 · Updated 5 years ago
- Recover EXT filesystem info from carved directory blocks ☆19 · Jun 23, 2017 · Updated 8 years ago
- geolocate ip addresses in IIS logs ☆20 · Jan 8, 2025 · Updated last year
- ☆92 · Jul 30, 2025 · Updated 6 months ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11. ☆27 · Jul 27, 2022 · Updated 3 years ago
- Decode security descriptors in $Secure on NTFS ☆22 · Feb 24, 2022 · Updated 3 years ago
- C# Library and research notes for Windows 11 Notepad State Files ☆27 · Oct 30, 2025 · Updated 3 months ago
- Blueteam operational triage registry hunting/forensic tool. ☆149 · Sep 2, 2025 · Updated 5 months ago
- NTFS samples ☆27 · Aug 1, 2020 · Updated 5 years ago
- iOS Backup Examiner - A forensics tool for parsing an iOS backup's Info.plist file ☆23 · Dec 5, 2016 · Updated 9 years ago
- Evtx Log (xml) Browser ☆56 · Mar 12, 2023 · Updated 2 years ago