Timestomper and Timestamp checker with nanosecond accuracy for NTFS volumes
☆53Sep 14, 2021Updated 4 years ago
Alternatives and similar repositories for nTimetools
Users that are interested in nTimetools are comparing it to the libraries listed below
Sorting:
- Tools for macOS Forensic Bootable media☆16May 20, 2020Updated 5 years ago
- Manipulate timestamps on NTFS☆53Nov 10, 2014Updated 11 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- extract and parse WEVT_TEMPLATEs from PE files☆18Dec 30, 2023Updated 2 years ago
- lnk_parser is a full rust implementation to parse windows LNK files☆23Feb 17, 2026Updated last month
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Penguin OS Forensic (or Flight) Recorder☆40Mar 13, 2026Updated last week
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- Carve file metadata from NTFS index ($I30) attributes☆71Feb 3, 2024Updated 2 years ago
- Regipy is an os independent python library for parsing offline registry hives☆270Mar 5, 2026Updated 2 weeks ago
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago
- ☆11May 24, 2017Updated 8 years ago
- This is my own programming language called fluffy(similar to python)☆13Apr 12, 2020Updated 5 years ago
- Windows NTLM Authentication Backdoor☆16Jan 27, 2022Updated 4 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆79Jan 9, 2024Updated 2 years ago
- PoC that manipulates Windows file times using SetFileTime() API☆63May 25, 2019Updated 6 years ago
- A document tagging library☆33Mar 27, 2025Updated 11 months ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Basic Linux binary shim method on the passwd binary from the shadow package to steal credentials as they are changed.☆14Nov 14, 2024Updated last year
- Minimal AXIS2 webshell☆12Sep 7, 2014Updated 11 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Mar 12, 2024Updated 2 years ago
- نمونه سوالات و پاسخ های مصاحبه تست نفوذ برنامه های موبایل☆15Aug 21, 2023Updated 2 years ago
- Set up a quick and dirty audit log on an SQLite db.☆16May 16, 2013Updated 12 years ago
- Linux Kernel Module Rootkit with module hiding, RCE/reverse shell, and persistence capabilities☆15Feb 23, 2023Updated 3 years ago
- Linux rust keylogger☆18Mar 1, 2024Updated 2 years ago
- Data from analysis of the custom sample from the chapter "Practical Analysis and Test"☆12Aug 1, 2020Updated 5 years ago
- Solutions for various crackmes☆20Jan 13, 2013Updated 13 years ago
- Slides and material from my conference presentations☆16Mar 30, 2024Updated last year
- Python bindings for LZFSE☆18Jul 9, 2020Updated 5 years ago
- http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html☆127Jul 20, 2024Updated last year
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Feb 11, 2026Updated last month
- Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets o…☆17Apr 6, 2023Updated 2 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- My solutions for random crackmes and other challenges☆12Dec 23, 2019Updated 6 years ago
- An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.☆22Mar 12, 2026Updated last week
- High-level Threat Intelligence playbooks☆20Mar 6, 2021Updated 5 years ago