libyal / libwtcdb
Library and tools to access the Windows (Vista/7) Explorer thumbnail cache database format (thumbcache.db)
☆16Updated 8 months ago
Alternatives and similar repositories for libwtcdb:
Users that are interested in libwtcdb are comparing it to the libraries listed below
- Library and tools to access the Master Boot Record (MBR) volume system format☆13Updated 10 months ago
- Library and tools to access the executable (EXE) format☆42Updated 10 months ago
- Library and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files☆16Updated 9 months ago
- AutoIt Analysis Library: Parser & Emulator For Malware Researchers☆21Updated 6 years ago
- extract and parse WEVT_TEMPLATEs from PE files☆18Updated last year
- Dump Windows registry hives as text.☆16Updated 6 years ago
- Refs file system dumps analyzer.☆12Updated 6 years ago
- A repository of example plugins for Relyze Desktop.☆34Updated 5 years ago
- Library and tools to access the Extended File System☆17Updated 4 months ago
- Extract compressed memory pages from page-aligned data☆45Updated 6 years ago
- Automatically exported from code.google.com/p/reverse-engineering-scripts☆18Updated 10 years ago
- Recover event log entries from an image by heurisitically looking for record structures.☆27Updated 9 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆15Updated 8 years ago
- Based on http://windows-internals.com/source/files.html by Alex Ionescu☆23Updated 6 years ago
- ☆18Updated 11 years ago
- History and analysis of Windows desktop images☆17Updated 4 years ago
- Powerful commandline $MFT record editor.☆23Updated 9 years ago
- An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.☆26Updated last year
- Portable Executable launcher for Windows NT bypassing loader☆70Updated 3 months ago
- x64dbg scripts for finding OEP of packers☆14Updated 6 years ago
- Library for binary signature scanning.☆28Updated 8 months ago
- A hooking library with a MinHook-like API and a Detours-like implementation, with support for the x86, x64, and ARM64 platforms☆19Updated last week
- Library for Windows XML Event Log (EVTX) data types☆18Updated 7 months ago
- All TMF files that I extracted from Microsoft PDBs.☆12Updated 5 years ago
- API for bulk_extractor version 1.3☆13Updated last year
- Library and tools to access the Windows Hibernation File (hiberfil.sys) format☆13Updated 9 months ago
- Simple AutoIt crypter.☆11Updated 8 years ago
- Demonstrate the behavior of the tunnel cache on Windows☆9Updated 5 years ago
- Crash Windows 10 up to RS2 from an unprivileged process☆41Updated 7 years ago
- NTFS samples☆25Updated 4 years ago