Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format.
☆371Dec 16, 2025Updated 2 months ago
Alternatives and similar repositories for libesedb
Users that are interested in libesedb are comparing it to the libraries listed below
Sorting:
- Active Directory forensic framework☆334Mar 24, 2022Updated 3 years ago
- Extensible Storage Engine (ESE) Database File Knowledge Base☆46Dec 23, 2025Updated 2 months ago
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- Tool to extract the $UsnJrnl from an NTFS volume☆109Jul 30, 2019Updated 6 years ago
- Decode security descriptors in $Secure on NTFS☆22Feb 24, 2022Updated 4 years ago
- Safe Rust API to libesedb☆12Sep 10, 2025Updated 5 months ago
- Comae Hibernation File Decompressor☆156Apr 1, 2023Updated 2 years ago
- Fix acquired .evt - Windows Event Log files (Forensics)☆18Mar 29, 2016Updated 9 years ago
- ☆432May 3, 2023Updated 2 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Library and tools to access the Windows Event Log (EVT) format☆60Dec 15, 2025Updated 2 months ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Oct 26, 2019Updated 6 years ago
- Library and tools to access the GUID Partition Table (GPT) volume system format☆11Dec 20, 2025Updated 2 months ago
- Windows registry file format specification☆355Oct 27, 2018Updated 7 years ago
- Speeds up the extraction of password hashes from ntds.dit files. For use with the ntdsxtract project or the dshash script☆27Feb 1, 2024Updated 2 years ago
- Tool to parse SRU database☆25Mar 1, 2018Updated 8 years ago
- Go implementation of an Extensible Storage Engine parser☆32Feb 15, 2025Updated last year
- Directory Services Internals (DSInternals) PowerShell Module and Framework☆1,903Feb 9, 2026Updated 3 weeks ago
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- Repository containing many useful scripts☆75Mar 30, 2022Updated 3 years ago
- NTDS.dit offline dumper with non-elevated☆221Jan 17, 2018Updated 8 years ago
- Exploit the credentials present in files and memory☆842May 25, 2023Updated 2 years ago
- The Old BloodHound C# Ingestor (Deprecated)☆511Jun 22, 2022Updated 3 years ago
- A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.☆735Jun 5, 2025Updated 9 months ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,428Nov 16, 2023Updated 2 years ago
- POC for IAT Parsing Payloads☆48Jan 1, 2017Updated 9 years ago
- A graphical ESE (aka ESENT or JET) database viewer.☆25Oct 26, 2015Updated 10 years ago
- Web App for Volatility framework☆390Jan 13, 2026Updated last month
- ☆1,489Dec 31, 2022Updated 3 years ago
- This is a simple parser for/decrypter for Impacket's esentutl.py utility. It assists with decrypting hashes and hash histories from ntds.…☆70Dec 5, 2016Updated 9 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- Tool suite for inspecting NTFS artifacts.☆226Nov 1, 2023Updated 2 years ago
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆842Jun 25, 2024Updated last year
- officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the …☆16Apr 28, 2016Updated 9 years ago
- A Generic Windows Memory Scraping Tool☆70Apr 20, 2017Updated 8 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- Monitors for DCSYNC and DCSHADOW attacks and create custom Windows Events for these events.☆141Mar 7, 2018Updated 8 years ago