Tools

A list of tools that I’ve created for use in Digital Investigations

USN Journal Extractor 2.0

A tool that allows you to extract Live and Deleted USN records from a mounted forensic image file or physical disk and places them in an SQLite database for easy searching and querying.

Download Journal Extractor here

X-Ways Templates

These are different templates that I have created to make manual review of hex structures easier:

SQLite Templates – Various SQLite templates, including those for Journal files are available below:

WAL Header – Download
WAL Frame Header – Download
SQLite3 Page Header – Download

Mega.nz megapreferences decryptor

Mega Decryptor python script – Download
Mega Decryptor Java file – Download
Mega Decryptor Java source file – Download

Details of their use can be seen in this

USN Journal Extractor 2.0

X-Ways Templates

Mega.nz megapreferences decryptor

Share this:

Like this: