ArtifactExtractor
0 (0)
A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.
dfVFS, or Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats. The goal of dfVFS is to provide a generic interface for accessing file-system objects, for which it uses several back-ends that provide the actual implementation of the various storage media types, volume systems and file systems. For more information see: * Project documentation: https://dfvfs.readthedocs.io/en/latest
A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
A repository containing material from a talk on sub-domain enumeration techniques
Modern digital forensics and incident response platform with comprehensive tools.
A library for working with Windows NT data types, providing access and manipulation functions.
ShadowCopy Analyzer is a tool for cybersecurity researchers to analyze and utilize the ShadowCopy technology for file recovery and system restoration.