Eric Zimmerman has released a new tool. This time it's a Recycle Bin artifact parser called RBCmd. It supports both the INFO2 and $I formats. You can download the tool here.