Timestomper and Timestamp checker with nanosecond accuracy for NTFS volumes
☆53Sep 14, 2021Updated 4 years ago
Alternatives and similar repositories for nTimetools
Users that are interested in nTimetools are comparing it to the libraries listed below
Sorting:
- Tools for macOS Forensic Bootable media☆15May 20, 2020Updated 5 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Manipulate timestamps on NTFS☆52Nov 10, 2014Updated 11 years ago
- extract and parse WEVT_TEMPLATEs from PE files☆18Dec 30, 2023Updated 2 years ago
- Penguin OS Forensic (or Flight) Recorder☆40Dec 25, 2024Updated last year
- Carve file metadata from NTFS index ($I30) attributes☆71Feb 3, 2024Updated 2 years ago
- lnk_parser is a full rust implementation to parse windows LNK files☆23Feb 17, 2026Updated last week
- NTFS samples☆27Aug 1, 2020Updated 5 years ago
- Demonstrate the behavior of the tunnel cache on Windows☆11Aug 13, 2019Updated 6 years ago
- Transform EQL detection rules to VQL artifacts☆12Nov 12, 2021Updated 4 years ago
- My solutions for random crackmes and other challenges☆12Dec 23, 2019Updated 6 years ago
- Solutions for various crackmes☆20Jan 13, 2013Updated 13 years ago
- Golang Command & Control Server For Managing And Remote Accessing Machines Via Web Interface☆13Apr 13, 2023Updated 2 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- A Windows Event Log MCP☆40Aug 25, 2025Updated 6 months ago
- Parser for $UsnJrnl on NTFS☆120Nov 27, 2022Updated 3 years ago
- ☆11Aug 3, 2018Updated 7 years ago
- Slides and material from my conference presentations☆16Mar 30, 2024Updated last year
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago
- Regipy is an os independent python library for parsing offline registry hives☆266Jan 22, 2026Updated last month
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- Decoders for 7ev3n ransomware☆17Oct 24, 2016Updated 9 years ago
- Data from analysis of the custom sample from the chapter "Practical Analysis and Test"☆12Aug 1, 2020Updated 5 years ago
- My solutions for HackSys Extreme Vulnerable Driver☆12Apr 22, 2018Updated 7 years ago
- Basic Linux binary shim method on the passwd binary from the shadow package to steal credentials as they are changed.☆14Nov 14, 2024Updated last year
- Parsers for .mdf file of Microsoft SQL Server (MSSQL)☆15Mar 28, 2020Updated 5 years ago
- Brew Local Privilege Escalation exploit on Intel macOS☆19Mar 6, 2024Updated last year
- Generate MAEC XML from Ero Carrera's pefile output☆15Mar 6, 2017Updated 8 years ago
- ☆13Apr 6, 2016Updated 9 years ago
- A Golang Registry parser☆19Feb 3, 2025Updated last year
- An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.☆22Feb 21, 2026Updated last week
- ☆15Sep 26, 2022Updated 3 years ago
- Autopsy Module to analyze Registry Hives☆16Feb 18, 2022Updated 4 years ago
- Linux Kernel Module Rootkit with module hiding, RCE/reverse shell, and persistence capabilities☆15Feb 23, 2023Updated 3 years ago
- This is my own programming language called fluffy(similar to python)☆13Apr 12, 2020Updated 5 years ago