Become a sponsor to Eric
I work on all manner of forensic tools and parsers, written in C#. They are primarily written for parsing Windows artifacts such as Registry hives, NTFS files such as $MFT, lnk files, jump lists, and so on.
I initially write the parsers for the artifacts, then wrap the parser in a CLI and/or GUI interface.
All of my software is and will remain free of charge, so your support is appreciated!
Featured work
-
EricZimmerman/KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.
-
EricZimmerman/Registry
Full featured, offline Registry parser in C#
C# 225 -
EricZimmerman/evtx
C# based evtx parser with lots of extras
C# 283 -
EricZimmerman/LECmd
Lnk Explorer Command line edition!!
C# 280 -
EricZimmerman/PECmd
Prefetch Explorer Command Line
C# 226 -
EricZimmerman/bstrings
A better strings utility!
C# 121