lxndrblz / forensicsim
A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and reactions from a Microsoft Teams IndexedDB LevelDB database.
☆89Updated 9 months ago
Alternatives and similar repositories for forensicsim:
Users that are interested in forensicsim are comparing it to the libraries listed below
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆52Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Updated last year
- A C# based tool for analysing malicious OneNote documents☆113Updated 2 years ago
- Initial triage of Windows Event logs☆97Updated 10 months ago
- USN Journal full path builder☆59Updated 7 months ago
- Forensic Artifact Collection Tool Matrix☆83Updated 5 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆76Updated last year
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆70Updated last year
- Contains compiled binaries of Volatility☆33Updated 3 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates…☆63Updated 3 weeks ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆109Updated last year
- Digital Forensics Artifacts Knowledge Base☆81Updated 11 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated last year
- Parses USB connection artifacts from offline Registry hives☆96Updated 2 months ago
- An exercise to practice deobfuscating PowerShell Scripts.☆28Updated 2 years ago
- A high-speed forensic timeline creation tool for DFIR Investigators to quickly combine CSV files from EZ Tools/Kape, Axiom, Hayabusa, Cha…☆42Updated this week
- Linux Baseline and Forensic Triage Tool - BETA☆55Updated 2 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆84Updated 2 months ago
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…☆80Updated 4 months ago
- Dump quarantined files from Windows Defender☆62Updated 3 years ago
- Yara Rules for Modern Malware☆77Updated last year
- RegRipper4.0☆47Updated last year
- Detection Engineering with YARA☆87Updated last year
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated 5 months ago
- A simple script to read the contents of a zip/tar/folder and extract metadata☆19Updated last week
- Quick ESXi Log Parser☆19Updated 3 months ago
- Carve file metadata from NTFS index ($I30) attributes��☆63Updated last year
- ☆50Updated 3 months ago
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…☆194Updated 2 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago