Digital Sleuth's Projects
A parser for Unified logging tracev3 files
VMware Workstation macOS
Python script for extracting USB information from Windows registry hives
Python script to parse the NTFS USN Journal
Digging Deeper...
Convert bootable DMG images for use in VMware Fusion
A VBA parser and emulation engine to analyze malicious macros.
Volatility 3 Docker with Windows PDBs
Web App for Volatility framework
Carves and recreates VSS catalog and store from Windows disk image.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
We Vote's API application server written in Django/Python. Election data pulled from many sources, used by https://github.com/wevote/WebApp and WeVoteReactNative
WhatsApp Parser Toolset v1.21
Windows Forensics Environment Builder
WIN-FOR Documentation
PowerShell script for automation of routine tasks done after fresh installations of Windows 10 / Server 2016 / Server 2019
Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
Windows Privilege Escalation Techniques and Scripts
Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.
Windows Forensics Salt States
http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html
X-Ways Templates which are community generated
Fork of https://bitbucket.org/Alexander_Hanel/xxxswf