Network Block Device Server for Windows with a DFIR/forensic focus.
☆96, Mar 31, 2017, updated 8 years ago
Alternatives and similar repositories for NBDServer
Users that are interested in NBDServer are comparing it to the libraries listed below
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing (☆55, May 18, 2019, updated 6 years ago)
- Python tools for IOC (Indicator of Compromise) handling (☆96, Nov 25, 2021, updated 4 years ago)
- A DFVFS Backed Forensic Viewer (☆42, Apr 13, 2020, updated 5 years ago)
- Recurse through a registry, identifying values with large data -- a registry malware hunter (☆45, Sep 12, 2016, updated 9 years ago)
- VMware Snapshot Forensic Comparison Scripts (☆25, Mar 19, 2013, updated 12 years ago)
- officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the … (☆16, Apr 28, 2016, updated 9 years ago)
- Library and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files (☆17, Dec 19, 2025, updated 2 months ago)
- Forensic Scanner (☆41, Nov 29, 2012, updated 13 years ago)
- Various scripts (☆12, Oct 19, 2022, updated 3 years ago)
- CLI interface to threatcrowd.org (☆20, Jul 6, 2017, updated 8 years ago)
- Windows Live Artifacts Acquisition Script (☆190, Jun 20, 2022, updated 3 years ago)
- X-Ways C# X-Tension API (☆15, May 28, 2013, updated 12 years ago)
- A PowerShell script for frequency analysis of separated values data files. (☆17, Jan 22, 2014, updated 12 years ago)
- Library and tools to access the Windows SuperFetch database format (☆13, Nov 29, 2025, updated 3 months ago)
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv… (☆343, Jun 25, 2022, updated 3 years ago)
- Generates visualizations from the output of flow tools such as SiLK. (☆35, Dec 8, 2016, updated 9 years ago)
- Carve $MFT records from a chunk of data (for instance a memory dump) (☆16, Aug 21, 2016, updated 9 years ago)
- Using osquery for Mass Incident Detection & Response (☆19, Jun 25, 2016, updated 9 years ago)
- Scripts and Modules for forensic analysis of MySQL database systems (☆22, Sep 19, 2014, updated 11 years ago)
- DEPRECATED! LOOK AT CREDNINJA! A tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a … (☆15, Jun 24, 2016, updated 9 years ago)
- Python script for extracting USB information from Windows registry hives (☆128, Aug 14, 2019, updated 6 years ago)
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidence on a suspicious Windows computer (☆41, Jul 29, 2020, updated 5 years ago)
- Tools from WFA 4/e, timeline tools, etc. (☆145, Feb 29, 2024, updated 2 years ago)
- Digital Forensics Virtual File System (dfVFS) (☆217, Feb 15, 2026, updated 2 weeks ago)
- DEPRECATED USE v3! (☆59, Sep 8, 2015, updated 10 years ago)
- Some IR notes (☆73, Jul 23, 2016, updated 9 years ago)
- Tool to extract the $UsnJrnl from an NTFS volume (☆109, Jul 30, 2019, updated 6 years ago)
- A Windows Event Processing Utility (☆47, Feb 21, 2018, updated 8 years ago)
- Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer. (☆39, Apr 11, 2020, updated 5 years ago)
- An NTFS journal parser (☆80, Mar 3, 2016, updated 9 years ago)
- Kirjuri is a web application for managing cases and physical forensic evidence items. (☆107, May 7, 2021, updated 4 years ago)
- macOS Incident Response Toolkit. Mostly written while stuck on a NJTransit train. (☆20, Feb 20, 2020, updated 6 years ago)
- Coming to a place near you..... (☆25, Jun 29, 2015, updated 10 years ago)
- Command-line low level file extractor for NTFS (☆307, Jul 30, 2019, updated 6 years ago)
- MantaRay Automated Computer Forensic Triage Tool (☆65, Feb 19, 2019, updated 7 years ago)
- CIRCL system forensic tools or a jumble of tools to support forensic (☆41, Jan 20, 2023, updated 3 years ago)
- Parser for Google search strings (☆40, Sep 14, 2019, updated 6 years ago)
- Simple Imaging. Tactical Triage. Zero Clicks. (☆19, Oct 31, 2017, updated 8 years ago)
- DLL injector POC for new handle stealing technique (☆21, Oct 8, 2017, updated 8 years ago)