kacos2000/WindowsTimeline external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

kacos2000/WindowsTimeline

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/kacos2000/WindowsTimeline)

Close

kacos2000 / WindowsTimelineView on GitHubMore

• External links
• Readme badge

Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)

☆195Feb 16, 2023Updated 3 years ago

Alternatives and similar repositories for WindowsTimeline

Users that are interested in WindowsTimeline are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• kacos2000 / Win10

  View on GitHub
  Win 10/11 related research
  ☆198Dec 19, 2023Updated 2 years ago
• kacos2000 / Evtx_Log_Browser

  View on GitHub
  Evtx Log (xml) Browser
  ☆59Mar 12, 2023Updated 3 years ago
• bgrundy / cheatsheets-forensic

  View on GitHub
  Forensic cheatsheets for use with cheat
  ☆15Dec 2, 2021Updated 4 years ago
• kacos2000 / Win10LiveInfo

  View on GitHub
  Windows 10 Live Information viewer
  ☆39Jan 27, 2022Updated 4 years ago
• kacos2000 / Prefetch-Browser

  View on GitHub
  Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's
  ☆65Dec 18, 2024Updated last year
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• 00010111 / gMetaDataParse

  View on GitHub
  ☆24Mar 12, 2025Updated last year
• theAtropos4n6 / Partition-4DiagnosticParser

  View on GitHub
  Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.
  ☆20Nov 28, 2023Updated 2 years ago
• kacos2000 / WinEDB

  View on GitHub
  Windows.EDB Browser
  ☆61Mar 6, 2023Updated 3 years ago
• AndrewRathbun / Awesome-KAPE

  View on GitHub
  A curated list of KAPE-related resources
  ☆185May 1, 2025Updated 11 months ago
• khyrenz / parseusbs

  View on GitHub
  Parses USB connection artifacts from offline Registry hives
  ☆107Feb 8, 2026Updated 2 months ago
• jjrboucher / MS-Word-Parser

  View on GitHub
  MS Word (DOCx) Parsing Tool
  ☆25Mar 14, 2026Updated 3 weeks ago
• zerber0s / mac_int

  View on GitHub
  macOS Artifact Intelligence Tool
  ☆13Apr 30, 2019Updated 6 years ago
• kacos2000 / OtherStuff

  View on GitHub
  Various Topics
  ☆18Apr 30, 2025Updated 11 months ago
• kacos2000 / Jumplist-Browser

  View on GitHub
  Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser
  ☆47Updated this week
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• trustedsec / User-Behavior-Mapping-Tool

  View on GitHub
  ☆171Aug 22, 2023Updated 2 years ago
• kacos2000 / MFT_Browser

  View on GitHub
  $MFT directory tree reconstruction & FILE record info
  ☆328Oct 7, 2024Updated last year
• stuxnet999 / EventTranscriptParser

  View on GitHub
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Sep 13, 2023Updated 2 years ago
• msuhanov / dfir_ntfs

  View on GitHub
  An NTFS/FAT parser for digital forensics & incident response
  ☆225Oct 31, 2025Updated 5 months ago
• jjrboucher / PDF-Processing

  View on GitHub
  Script to process PDF files
  ☆21May 23, 2025Updated 10 months ago
• net-protect / google-fs-recover

  View on GitHub
  Google Filestream Forensic Tool
  ☆22Mar 10, 2022Updated 4 years ago
• mnrkbys / macosac

  View on GitHub
  Forensic Artifact Collection Tool for macOS
  ☆119Jul 28, 2025Updated 8 months ago
• Recruit-CSIRT / macApfsMounter

  View on GitHub
  A small tool to easily mount APFS image on macOS for forensics.
  ☆16Jul 30, 2020Updated 5 years ago
• MarkBaggett / ese-analyst

  View on GitHub
  This is a set of tools for doing forensics analysis on Microsoft ESE databases.
  ☆129Jan 31, 2022Updated 4 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• kev365 / ToolFetcher

  View on GitHub
  A tool for fetching DFIR and other GitHub tools.
  ☆27Aug 2, 2025Updated 8 months ago
• ANSSI-FR / DFIR-O365RC

  View on GitHub
  PowerShell module for Office 365 and Azure log collection
  ☆280Sep 22, 2025Updated 6 months ago
• Beercow / OneDriveExplorer

  View on GitHub
  OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…
  ☆230Jan 6, 2026Updated 3 months ago
• strozfriedberg / sidr

  View on GitHub
  Search Index Database Reporter
  ☆134Oct 28, 2025Updated 5 months ago
• AndrewRathbun / DFIRArtifactMuseum

  View on GitHub
  The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…
  ☆648Nov 7, 2025Updated 5 months ago
• stuxnet999 / FileSigExtractor

  View on GitHub
  FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV…
  ☆10Jul 15, 2023Updated 2 years ago
• AndrewRathbun / EventTranscript.db-Research

  View on GitHub
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆43Jul 18, 2022Updated 3 years ago
• cclgroupltd / mister-skinnylegs

  View on GitHub
  mister-skinnylegs is an open plugin framework for parsing website/webapp artifacts in browser data. It currently provides a command line …
  ☆20Nov 14, 2025Updated 4 months ago
• jklepsercyber / defender-detectionhistory-parser

  View on GitHub
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆117Jan 26, 2022Updated 4 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• Recruit-CSIRT / macOSTriageTool

  View on GitHub
  A DFIR tool to collect artifacts on macOS
  ☆56Mar 1, 2020Updated 6 years ago
• AmgdGocha / DriveFS-Sleuth

  View on GitHub
  DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…
  ☆88Dec 20, 2024Updated last year
• mnrkbys / ma2tl

  View on GitHub
  macOS forensic timeline generator using the analysis result DBs of mac_apt
  ☆93Sep 7, 2023Updated 2 years ago
• 3gbCyber / IR-Last-Write-Time

  View on GitHub
  Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.
  ☆27Dec 1, 2022Updated 3 years ago
• dwmetz / CyberPipe

  View on GitHub
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆340Dec 3, 2025Updated 4 months ago
• kacos2000 / Queries

  View on GitHub
  SQLite queries
  ☆85Mar 8, 2023Updated 3 years ago
• abrignoni / VLEAPP

  View on GitHub
  Vehicle Logs Events And Properties Parser
  ☆92Sep 27, 2025Updated 6 months ago