Matthew Seyer's repositories
PancakeViewer
A DFVFS Backed Forensic Viewer
PyWindowsThingies
Windows Thingies in Python for live use.
RsWindowsThingies
Windows Thingies... but in Rust
pyshellitems
Python library and tools for handling shell items / property lists and stores / and extension blocks. This project is for learning purposes and is not maintained.
VanillaWindowsTools
Tools for parsing and playing with https://github.com/AndrewRathbun/VanillaWindowsReference data
JsonlTools
Tools for filtering and manipulating JSONL
MonitorUserAssist
Tool that can monitor the UserAssist registry keys and decode UserAssist structs in real-time. This project is for learning purposes and is not maintained.
ActivitiesCacheParser
Parse Windows ActivitiesCache to JSONL. This project is for learning purposes and is not maintained.
LogicalAvacado
A DFIR Tool for processing logical volumes and inserting records into ArangoDB. This project is for learning purposes and is not maintained.
LogicalRegTool
A registry tool that can be run on a logical volume. JSONL output for NoSQL. This project is for learning purposes and is not maintained.
PyRustyUsn
Python bindings for RustyUsn
r-winstructs
Windows Structures in Rust. This project is for learning purposes and is not maintained.
upcaseinfo-rs
$UpCase:$Info parsing tool/lib in Rust
WinObjectIdParser
ObjectID Parsers and Tools. This project is for learning purposes and is not maintained.
LogicalJmpLnkTool
A jumplist and link tool that can be run on a logical volume. JSONL output for NoSQL. This project is for learning purposes and is not maintained.
r-shellitems
Shell Item Structures in Rust
SetupApiLogParser
Parse Setup API Logs to JSONL
upcaseinfo-py
$UpCase:$Info parsing tool/lib in Python
CtfdLogs2Arango
Ingest CTFd logs into ArangoDB
jmespath.rs
Rust implementation of JMESPath, a query language for JSON
winapi-rs
Rust bindings to Windows API