lxndrblz / forensicsim
A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and reactions from a Microsoft Teams IndexedDB LevelDB database.
☆94 · Updated 11 months ago
Alternatives and similar repositories for forensicsim
Users interested in forensicsim are comparing it to the libraries listed below.
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu… (☆54 · Updated last year)
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) (☆69 · Updated last year)
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. (☆95 · Updated 2 years ago)
- Contains compiled binaries of Volatility (☆34 · Updated last month)
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub (☆76 · Updated last year)
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts; the tool has been developed based o… (☆82 · Updated 6 months ago)
- USN Journal full path builder (☆60 · Updated 9 months ago)
- Initial triage of Windows Event logs (☆99 · Updated last year)
- Quick ESXi Log Parser (☆21 · Updated 5 months ago)
- Linux Baseline and Forensic Triage Tool - BETA (☆55 · Updated 2 years ago)
- Recycle bin artifact parser (☆49 · Updated 4 months ago)
- macOS Artifacts (☆30 · Updated 3 months ago)
- Digital Forensics Artifacts Knowledge Base (☆82 · Updated last year)
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis. (☆32 · Updated last year)
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction (☆79 · Updated last month)
- Regexplore is a Volatility plugin designed to mimic the functionality of the Registry Explorer plugins in EZsuite (☆17 · Updated 2 years ago)
- Project based on RegRipper, to extract additional value/pivot points from TLN events file (☆85 · Updated 4 months ago)
- Baseline a Windows System against LOLBAS (☆27 · Updated last year)
- Parses USB connection artifacts from offline Registry hives (☆99 · Updated 2 weeks ago)
- Carve file metadata from NTFS index ($I30) attributes (☆66 · Updated last year)
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… (☆75 · Updated last week)
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project. (☆109 · Updated last year)
- An exercise to practice deobfuscating PowerShell Scripts. (☆27 · Updated 2 years ago)
- Detection Engineering with YARA (☆87 · Updated last year)
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container. (☆104 · Updated this week)
- Tools and scripts to deploy and manage OpenRelik instances (☆14 · Updated 2 weeks ago)