jschicht / EaToolsLinks
Analysis and manipulation of extended attribute ($EA) on NTFS
☆38Updated 10 years ago
Alternatives and similar repositories for EaTools
Users that are interested in EaTools are comparing it to the libraries listed below
Sorting:
- A set of tools to retrieve and parse TCG measured boot logs. Microsoft refers to these as Windows Boot Confirguration Logs (WBCL). In ord…☆60Updated 7 years ago
- A collection of free miscellaneous Windows tools☆135Updated last week
- The content of this repository aims to assist efforts on analysing inner working principles, functionalities, and properties of the Micro…☆151Updated 5 years ago
- Named pipe I/O ETW provider for Windows☆70Updated 5 years ago
- Parse Microsoft shim databases☆30Updated 6 months ago
- WNF Utilities 4 Newbies (WNFUN)☆96Updated 6 years ago
- Expand compressed files from WinSxS folder☆159Updated 3 weeks ago
- Lnk file parser☆88Updated 2 months ago
- Enhanced version of the GFlags tool☆84Updated 6 years ago
- A PowerShell module to assist in parsing and managing catalog files.☆22Updated 8 years ago
- A GUI version of the classic PoolMon tool☆116Updated 7 years ago
- The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, wi…☆146Updated 4 years ago
- AppContainer and LPAC (Less Privileged AppContainer) Launcher with Capabilities☆59Updated 10 months ago
- Library and tools to access the Windows Prefetch File (SCCA) format.☆76Updated 7 months ago
- Library and tools to access the Windows NT Registry File (REGF) format☆124Updated 11 months ago
- Parser to process monitor file formats☆148Updated 2 years ago
- DotNext 2019 St. Petersburg Talk Demos☆40Updated 6 years ago
- Windows registry file format specification☆341Updated 6 years ago
- Powerful commandline $MFT record editor.☆24Updated 9 years ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆31Updated 4 years ago
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆67Updated 3 years ago
- Example/starter code for custom Windows application compatibility shims☆35Updated 4 years ago
- Windows Rregistry Linking Utility☆51Updated 4 years ago
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis☆162Updated 7 months ago
- Tool to view and create Microsoft shim database files (SDB).☆115Updated 8 years ago
- Security testing tools for Windows sandboxing technologies☆171Updated 2 months ago
- BCD is a module to interact with boot configuration data (BCD) either locally or remotely using the ROOT/WMI:Bcd* WMI classes. The functi…☆61Updated 4 years ago
- Library to access the Windows Shell Item format☆72Updated last year
- Open source implementations of Microsoft compression algorithms☆212Updated 4 years ago
- Enumerate Windows Defender threat families and dump their names according category☆90Updated 6 years ago