windows-forensics
There are 4 repositories under windows-forensics topic.
andyjsmith / Registry-Spy
Cross-platform registry browser for raw Windows registry files
Language:Python 67ExeSpy is a cross-platform PE viewer for EXE and DLL files
Language:Python 49Command Spy is a utility for monitoring the command line arguments of new processes on Windows. Made for CCDC.
Language:C# 9EvolvingSysadmin / Blue-Team-Toolkit
Tools and Techniques for Digital Forensics and Incident Response
mrajweir / LnkAnalyser
Python module for forensic analysis of Windows shortcuts (LNK files). You can install this package using pip install lnkanalyser
Language:Python 6mazyaar / Windows_Forensic_Investigation_8_parts
When conducting an investigation on a Windows machine there are 8 phase to go through, today we’ll discuss the first ‘Collecting Volatile Information’, and the rest will be explained in future topics
- Language:CSS 1
randomSapien / usbHound
Gives you the list of storage devices that has been connected to your windows machine
Language:Python 0computerforensicslab / windows-forensic-artifacts
Handbook of windows forensic artifacts across multiple Windows version with interpretation tips with some examples. Work in progress!
