Windows Forensics
Browse 7 Windows forensics tools
Standalone DFIR data collector for Windows systems with adaptive collection
Tool for live forensics acquisition on Windows systems, collecting artefacts for early compromise detection.
A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.
A library for accessing and parsing Windows NT Registry File (REGF) format files, designed for digital forensics and registry analysis applications.
A digital forensics tool that extracts and analyzes Windows AppCompat and AmCache registry data for enterprise-scale forensic investigations.
Automated tool for parsing Windows registry hives and extracting valuable information for forensic analysis.
A set of scripts for collecting forensic data from Windows and Unix systems respecting the order of volatility.