libyal / libesedb
Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format.
☆348Updated 8 months ago
Alternatives and similar repositories for libesedb:
Users that are interested in libesedb are comparing it to the libraries listed below
- Active Directory forensic framework☆323Updated 3 years ago
- ☆429Updated last year
- Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)☆347Updated 7 years ago
- Commandline low level file extractor for NTFS☆285Updated 5 years ago
- ☆276Updated 2 years ago
- Tool suite for inspecting NTFS artifacts.☆221Updated last year
- PowerShell Obfuscation Detection Framework☆735Updated last year
- ☆302Updated 4 years ago
- ☆394Updated 4 years ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆474Updated 6 months ago
- Executes PowerShell from an unmanaged process☆487Updated 9 years ago
- Volatility plugins developed and maintained by the community☆360Updated 4 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆124Updated 7 years ago
- ☆507Updated 4 years ago
- Extract $MFT record info and log it to a csv file.☆269Updated 6 months ago
- Not PowerShell☆446Updated 8 years ago
- Some PowerShell Stuff☆281Updated 2 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆835Updated 7 years ago
- Module to provide PowerShell functions that abstract Win32 API functions☆246Updated 10 months ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Updated 7 years ago
- Full featured, offline Registry parser in C#☆229Updated 3 months ago
- Parse evtx files and detect use of the DanderSpritz eventlogedit module☆148Updated 7 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆281Updated 7 years ago
- Library and tools to access the Windows XML Event Log (EVTX) format☆199Updated 7 months ago
- Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec☆450Updated 9 years ago
- Comae Hibernation File Decompressor☆148Updated 2 years ago
- random powershell goodness☆445Updated 5 months ago
- Sysmon Tools for PowerShell☆229Updated 6 years ago
- Parser for $LogFile on NTFS☆193Updated last year
- Reconstruct process trees from event logs☆147Updated 4 years ago