Matthew Seyer's repositories
PancakeViewer
A DFVFS Backed Forensic Viewer
PyWindowsThingies
Windows Thingies in Python for live use.
RsWindowsThingies
Windows Thingies... but in Rust
pyshellitems
Python library and tools for handling shell items / property lists and stores / and extension blocks. This project is for learning purposes and is not maintained.
VanillaWindowsTools
Tools for parsing and playing with https://github.com/AndrewRathbun/VanillaWindowsReference data
ActivitiesCacheParser
Parse Windows ActivitiesCache to JSONL. This project is for learning purposes and is not maintained.
aws-snap-io
Library for implementing Read Seek on top of an AWS Snapshot
JsonlTools
Tools for filtering and manipulating JSONL
MonitorUserAssist
Tool that can monitor the UserAssist registry keys and decode UserAssist structs in real-time. This project is for learning purposes and is not maintained.
LogicalRegTool
A registry tool that can be run on a logical volume. JSONL output for NoSQL. This project is for learning purposes and is not maintained.
PyRustyUsn
Python bindings for RustyUsn
sans509-helpers
Just a quick script to parse load balancer logs into JSON
WinObjectIdParser
ObjectID Parsers and Tools. This project is for learning purposes and is not maintained.
LogicalAvacado
A DFIR Tool for processing logical volumes and inserting records into ArangoDB. This project is for learning purposes and is not maintained.
LogicalJmpLnkTool
A jumplist and link tool that can be run on a logical volume. JSONL output for NoSQL. This project is for learning purposes and is not maintained.
snapio-evtx-extractor
Tool that uses aws-snap-io and libtsk to extract EVTX files from an AWS snapshot.
upcaseinfo-py
$UpCase:$Info parsing tool/lib in Python
upcaseinfo-rs
$UpCase:$Info parsing tool/lib in Rust
r-shellitems
Shell Item Structures in Rust
SetupApiLogParser
Parse Setup API Logs to JSONL
CtfdLogs2Arango
Ingest CTFd logs into ArangoDB
jmespath.rs
Rust implementation of JMESPath, a query language for JSON