sdckey / EnScript-SamplesLinks
This repository is a collection of EnScript code samples for use in the OpenText Endpoint Forensic and OpenText Endpoint Investigator applications (formerly EnCase).
☆54Updated last month
Alternatives and similar repositories for EnScript-Samples
Users that are interested in EnScript-Samples are comparing it to the libraries listed below
Sorting:
- Example programs used in the automating DFIR series☆63Updated 6 years ago
- Tools from WFA 4/e, timeline tools, etc.☆141Updated last year
- General repository for compiled and uncompiled EnCase EnScripts☆46Updated 4 years ago
- Different DFIR and CTI utilities☆37Updated 5 years ago
- Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.☆67Updated 5 years ago
- This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, dire…☆54Updated 5 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆205Updated 3 years ago
- Extract common Windows artifacts from source images and VSCs☆65Updated 4 years ago
- Volatility plugins created by the author☆44Updated 9 years ago
- Yet another registry parser☆134Updated 3 years ago
- Page File analysis tools.☆128Updated 9 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆340Updated 3 years ago
- Windows Live Artifacts Acquisition Script☆189Updated 3 years ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆26Updated 5 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆196Updated 5 months ago
- Dump of organized knowledge on DFIR☆135Updated 3 years ago
- PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.☆50Updated 7 years ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆38Updated 2 years ago
- Personal settings for X-Ways Forensics☆32Updated 3 years ago
- Tool suite for inspecting NTFS artifacts.☆224Updated last year
- Python script for extracting USB information from Windows registry hives☆128Updated 6 years ago
- ☆39Updated 6 years ago
- Parses IE's Automatic Crash Recovery Files☆16Updated 8 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆72Updated last year
- Library of python scripts to apply Data Science in several forensics artifacts☆31Updated 5 years ago
- Invoke-LiveResponse☆148Updated 3 years ago
- AuditParser☆60Updated 11 years ago
- Volatility plugins developed and maintained by the community☆21Updated 11 months ago
- Collection of SQL query templates for digital forensics use by platform and application.☆108Updated 4 years ago
- InvestigationPlaybookSpec☆73Updated 7 years ago