mdawsonuk / LevelDBDumper
Dumps all of the Key/Value pairs from a LevelDB database
☆60 Updated last year
Related projects:
- Wrapper for TSK (Sleuth Kit) Bindings ☆11 Updated last year
- Carve file metadata from NTFS index ($I30) attributes ☆58 Updated 7 months ago
- MFT parser ☆58 Updated 6 months ago
- An efficient tool for searching files, directories, and alternate data streams directly from NTFS image files. ☆19 Updated 7 months ago
- A Windows registry file parser written in Rust ☆35 Updated last year
- Imphash-like calculation on Golang binaries ☆48 Updated 2 years ago
- NTFS file system specimens ☆13 Updated last year
- Fast, inline geolocation decoration of IPv4 and IPv6 addresses written in Rust ☆25 Updated 8 months ago
- A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve… ☆44 Updated last year
- A parser for the MFT (Master File Table) format ☆124 Updated last year
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables. ☆109 Updated 2 years ago
- YARA Language Server ☆67 Updated 5 months ago
- Go implementation of an Extensible Storage Engine parser ☆26 Updated 7 months ago
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access… ☆41 Updated this week
- Timestomper and Timestamp checker with nanosecond accuracy for NTFS volumes ☆43 Updated 3 years ago
- YARI is an interactive debugger for YARA Language. ☆86 Updated 4 months ago
- extract and parse WEVT_TEMPLATEs from PE files ☆17 Updated 8 months ago
- Forensic framework to build tools that can be reused in multiple projects without changing anything ☆19 Updated 5 months ago
- ☆19 Updated last year
- NTFS Security Descriptor Stream ($Secure:$SDS) parser ☆13 Updated last year
- NTFS samples ☆24 Updated 4 years ago
- USN Journal full path builder ☆36 Updated this week
- A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea… ☆72 Updated 2 months ago
- Volatility, on Docker 🐳 ☆23 Updated 2 months ago
- Command-line utility for multipattern search using liblightgrep ☆58 Updated last month
- Library to handle the files in zff format (file format to store and handle forensic acquisitions). ☆20 Updated 2 weeks ago
- Jupyter Notebooks for Cyber Threat Intelligence ☆35 Updated last year
- Initial triage of Windows Event logs ☆83 Updated 3 months ago
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor. ☆19 Updated 9 months ago
- SysInternals' Process Monitor filters repository - collected from various places and made up by myself. To be used for quick Behavioral a… ☆62 Updated 2 years ago