log2timeline / dfwinreg
Digital Forensics Windows Registry (dfWinReg)
☆49Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for dfwinreg
- Yet another registry parser☆129Updated 2 years ago
- Extract common Windows artifacts from source images and VSCs☆65Updated 3 years ago
- An NTFS journal parser☆82Updated 8 years ago
- Extract compressed memory pages from page-aligned data☆41Updated 6 years ago
- Example programs used in the automating DFIR series☆64Updated 5 years ago
- Decode security descriptors in $Secure on NTFS☆20Updated 2 years ago
- Some dfir stuff☆31Updated 2 years ago
- AuditParser☆58Updated 11 years ago
- ☆82Updated 8 years ago
- Different DFIR and CTI utilities☆36Updated 4 years ago
- Registry Explorer bookmark definitions☆41Updated last year
- Carves EXEs from given data files, using intelligent carving based upon PE headers☆36Updated 7 years ago
- Windows registry samples☆23Updated 5 years ago
- AFF4 Standard Documents☆25Updated 2 years ago
- Binaries for the log2timeline projects and dependencies�☆38Updated last month
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Updated 5 years ago
- Windows Thingies in Python for live use.☆24Updated 5 years ago
- MantaRay Automated Computer Forensic Triage Tool☆63Updated 5 years ago
- Tool to parse SRU database☆24Updated 6 years ago
- Python IOC Editor☆61Updated 9 years ago
- Useful scripts, rules etc. for use with YARA☆27Updated 3 years ago
- Various DFIR Tools☆26Updated 6 years ago
- A Rekall interactive document for a Memory Analysis workshop/course.☆43Updated 7 years ago
- Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer.☆37Updated 4 years ago
- onigiri - remote malware triage script☆24Updated 9 years ago
- Checks with NSRL RDS servers looking for for hash matches☆111Updated 3 years ago
- A Windows Event Processing Utility☆46Updated 6 years ago