Eric Zimmerman RSS

Unique Pageviews2,065
Rating
Star00Star00Star00Star00Star00
Website Clicks1,121

Lnk file parser

Unique Pageviews2,166
Rating
Star00Star00Star00Star00Star00
Website Clicks1,284

Unique Pageviews3,069
Rating
Star00Star00Star00Star00Star00
Website Clicks1,665

Eric Zimmerman bstrings Popular

0 reviews

Unique Pageviews2,894
Rating
Star00Star00Star00Star00Star00
Website Clicks1,224

Event log (evtx) parser with standardized CSV, XML, and json output! Custom maps, locked file support, and more!

Unique Pageviews2,317
Rating
Star00Star00Star00Star00Star00
Website Clicks404

Standalone, zero dependency viewer for .doc, .docx, .xls, .xlsx, .txt, .log, .rtf, .otd, .htm, .html, .mht, .csv, and .pdf. Any non-supported files are shown in a hex editor (with data interpreter!)

Unique Pageviews1,810
Rating
Star00Star00Star00Star00Star00
Website Clicks381

Eric Zimmerman Hasher Popular

0 reviews

Unique Pageviews5,126
Rating
Star00Star00Star00Star00Star00
Website Clicks1,655

geolocate ip addresses in IIS ...
Read More...

Unique Pageviews3,478
Rating
Star00Star00Star00Star00Star00
Website Clicks1,436

Unique Pageviews3,263
Rating
Star00Star00Star00Star00Star00
Website Clicks1,448

Eric Zimmerman KAPE Popular

0 reviews

Kroll Artifact Parser and Extractor (KAPE) is primarily a triage program that will target a device or storage location, find the most forensically relevant artifacts (based on your needs), and parse them within a few minutes. Because of its speed, KAPE ...
Read More...

Unique Pageviews3,604
Rating
Star00Star00Star00Star00Star00
Website Clicks670

Eric Zimmerman LECmd Popular

0 reviews

Unique Pageviews5,138
Rating
Star00Star00Star00Star00Star00
Website Clicks1,463

Eric Zimmerman MFTECmd Popular

0 reviews

$MFT parser

Unique Pageviews3,743
Rating
Star00Star00Star00Star00Star00
Website Clicks767

Eric Zimmerman PECmd Popular

0 reviews

Unique Pageviews3,211
Rating
Star00Star00Star00Star00Star00
Website Clicks1,233

Eric Zimmerman RBCmd Popular

★★★★
0 reviews

Recycle Bin artifact (INFO2/$I) parser

Unique Pageviews2,239
Rating
Star10Star10Star10Star10Star00
Website Clicks679
Votes1

RecentFileCache parser

Unique Pageviews2,298
Rating
Star00Star00Star00Star00Star00
Website Clicks658

Registry Explorer is a new approach to interacting with Registry hives. It has several unique capabilities not found in other programs.

Unique Pageviews6,347
Rating
Star10Star10Star10Star10Star10
Website Clicks2,144
Votes1

SDB Explorer is a GUI program that allows for interacting with Microsoft Shim databases.

Unique Pageviews2,817
Rating
Star00Star00Star00Star00Star00
Website Clicks1,041

Unique Pageviews4,168
Rating
Star00Star00Star00Star00Star00
Website Clicks1,441

Eric Zimmerman Timeapp Popular

0 reviews

Unique Pageviews4,008
Rating
Star00Star00Star00Star00Star00
Website Clicks1,494

View CSV and Excel files, filter, group, sort, etc. with ease

Unique Pageviews3,167
Rating
Star00Star00Star00Star00Star00
Website Clicks694

Eric Zimmerman VSCMount Popular

0 reviews

A simple way to mount Volume Shadow Copies from the command line without having to do much of anything except provide the drive letter to where the VSCs are and where you want the VSCs to be mounted to.

The first requirement is having a sour ...
Read More...

Unique Pageviews2,538
Rating
Star00Star00Star00Star00Star00
Website Clicks865

WxTCmd is a parser for the new Windows 10 Timeline feature database.

Unique Pageviews2,576
Rating
Star10Star10Star10Star10Star10
Website Clicks940
Votes1

Eric Zimmerman XWFIM Popular

★★★★
0 reviews

Unique Pageviews4,213
Rating
Star10Star10Star10Star10Star00
Website Clicks1,693
Votes3