volafox
0 (0)
A Python 2.x tool for memory analysis on Mac OS X systems with support for various OS versions and memory image export capabilities.
This tool can parse normal records and recover deleted records in Windows.edb, used in Windows Search. WinSearchDBAnalyzer can extract and analyze Windows.edb from live systems, showing more information than other tools, such as file categorization by extension, file hierarchy, and file contents. It can recover deleted records, works well on Windows 10, and can apply to UTC time, revealing data like Outlook Mail, OneNote, Internet History, Lnk list, Network Drive, Favorites, File and Folder Information, and Activity History.
A Python 2.x tool for memory analysis on Mac OS X systems with support for various OS versions and memory image export capabilities.
Analyzing WiFiConfigStore.xml file for digital forensics on Android devices.
An extensible network forensic analysis framework with deep packet analysis and plugin support.
A repository containing material from a talk on sub-domain enumeration techniques
Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
