libyal / libesedbLinks
Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format.
☆362Updated last year
Alternatives and similar repositories for libesedb
Users that are interested in libesedb are comparing it to the libraries listed below
Sorting:
- ☆427Updated 2 years ago
- Commandline low level file extractor for NTFS☆299Updated 6 years ago
- Active Directory forensic framework☆324Updated 3 years ago
- Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)☆359Updated 7 years ago
- Library and tools to access the Windows XML Event Log (EVTX) format☆212Updated 11 months ago
- PowerShell Obfuscation Detection Framework☆746Updated last year
- ☆278Updated 2 years ago
- Executes PowerShell from an unmanaged process☆503Updated 9 years ago
- Module to provide PowerShell functions that abstract Win32 API functions☆249Updated last year
- Log newly created WMI consumers and processes to the Windows Application event log☆124Updated 7 years ago
- random powershell goodness☆456Updated 10 months ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆496Updated last month
- Volatility plugins developed and maintained by the community☆365Updated 4 years ago
- Tool suite for inspecting NTFS artifacts.☆224Updated last year
- Parse evtx files and detect use of the DanderSpritz eventlogedit module☆148Updated 7 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…☆657Updated 6 years ago
- Replay RDP traffic from PCAP☆199Updated 6 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆426Updated 4 years ago
- Pure Python parser for Windows Registry hives.☆434Updated 7 months ago
- Sysmon Tools for PowerShell☆232Updated 7 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆385Updated last year
- Parser for $LogFile on NTFS☆203Updated 3 months ago
- Remote execution, like PsExec☆579Updated 7 months ago
- A VBA p-code disassembler☆476Updated 4 years ago
- Extract $MFT record info and log it to a csv file.☆278Updated 11 months ago
- Windows registry file format specification☆345Updated 6 years ago
- Easily define in-memory enums, structs, and Win32 functions in PowerShell☆225Updated 6 years ago
- WSUSpect Proxy - a tool for MITM'ing insecure WSUS connections☆241Updated 8 years ago
- Currently not updated for WMIEvent module...☆262Updated 9 years ago
- A YARA-integrated process denial framework for Windows☆396Updated 5 years ago