kacos2000 / Win10
Win 10/11 related research
☆177Updated 10 months ago
Related projects ⓘ
Alternatives and complementary repositories for Win10
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆177Updated last year
- Command line access to the Registry☆130Updated last week
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.☆105Updated 3 months ago
- ☆60Updated last week
- Yet another registry parser☆129Updated 2 years ago
- $MFT directory tree reconstruction & FILE record info☆292Updated last month
- Extract common Windows artifacts from source images and VSCs☆65Updated 3 years ago
- Windows Registry Knowledge Base☆162Updated last month
- Parser for $UsnJrnl on NTFS☆108Updated last year
- MFT parser☆61Updated 7 months ago
- An NTFS/FAT parser for digital forensics & incident response☆191Updated this week
- Tools from WFA 4/e, timeline tools, etc.☆132Updated 8 months ago
- http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html☆118Updated 3 months ago
- A modern Python-3-based alternative to RegRipper☆187Updated this week
- Documentation repository☆43Updated 2 months ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆63Updated last year
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆145Updated last month
- A better strings utility!☆120Updated last year
- AppCompatCache (shimcache) parser. Supports Windows 7 (x86 and x64), Windows 8.x, and Windows 10☆109Updated last week
- Tool suite for inspecting NTFS artifacts.☆216Updated last year
- Automatic and Custom Destinations jump list parser with Windows 10 support☆74Updated last year
- Personal settings for X-Ways Forensics☆32Updated 2 years ago
- ☆148Updated 2 weeks ago
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆123Updated 2 years ago
- Parses $MFT from NTFS file systems☆198Updated last week
- A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…☆43Updated last year
- Get all my software☆141Updated last month
- Tool to extract the $UsnJrnl from an NTFS volume☆105Updated 5 years ago
- Invoke-LiveResponse☆145Updated 2 years ago
- Parser for $LogFile on NTFS☆189Updated 11 months ago