Last active
April 5, 2022 11:35
Revisions
Beercow revised this gist
Feb 1, 2019 . 1 changed file with 90 additions and 36 deletions.
@@ -1,5 +1,5 @@ [General] SoftwareCount=21 GroupCount=3 Name=Eric Zimmerman Tools
@@ -15,137 +15,191 @@ ShowAll=1 [Software0] exe=AmcacheParser.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/AmcacheParser.zip group=0 Name=AmcacheParser AppName=AmcacheParser ShortDesc=Amcache.hve parser with lots of extra features. Handles locked files LongDesc= [Software1] exe=AppCompatCacheParser.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/AppCompatCacheParser.zip group=0 Name=AppCompatCacheParser AppName=AppCompatCacheParser ShortDesc=AppCompatCache aka ShimCache parser. Handles locked files LongDesc= [Software2] exe=JumpList Explorer\JLECmd.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/JLECmd.zip group=0 Name=JLECmd AppName=JLECmd ShortDesc=Jump List parser LongDesc= [Software3] exe=JumpList Explorer\JumpListExplorer.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/JumpListExplorer.zip group=1 Name=JumpListExplorer AppName=JumpListExplorer ShortDesc=GUI based Jump List viewer LongDesc= [Software4] exe=LECmd.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/LECmd.zip group=0 Name=LECmd AppName=LECmd ShortDesc=Parse lnk files LongDesc= [Software5] exe=MFTECmd.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/MFTECmd.zip group=0 Name=MFTECmd AppName=MFTECmd ShortDesc=$MFT, $Boot, $J, $SDS, and $LogFile parser. 
Handles locked files LongDesc= [Software6] exe=PECmd.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/PECmd.zip group=0 Name=PECmd AppName=PECmd ShortDesc=Prefetch parser LongDesc= [Software7] exe=RecentFileCacheParser.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/RecentFileCacheParser.zip group=0 Name=RecentFileCacheParser AppName=RecentFileCacheParser ShortDesc=RecentFileCache parser LongDesc= [Software8] exe=ShellBags Explorer\SBECmd.exe url=https://ericzimmerman.github.io/Software/SDBExplorer.zip group=0 Name=SBECmd AppName=SBECmd ShortDesc=Shellbags parser LongDesc= [Software9] exe=SDBExplorer\SDBExplorer.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/SDBExplorer.zip group=1 Name=SDBExplorer AppName=SDBExplorer ShortDesc=Shim database GUI LongDesc= [Software10] exe=ShellBags Explorer\ShellBagsExplorer.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/ShellBagsExplorer.zip group=1 Name=ShellBagsExplorer help=ShellBags Explorer\ShellBagsExplorerManual.pdf AppName=ShellBagsExplorer ShortDesc=GUI for browsing shellbags data. Handles locked files LongDesc= [Software11] exe=Timeline explorer\TimelineExplorer.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/TimelineExplorer.zip group=1 Name=TimelineExplorer AppName=TimelineExplorer ShortDesc=View CSV and Excel files, filter, group, sort, etc. with ease LongDesc= [Software12] exe=WxTCmd.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/WxTCmd.zip group=0 Name=WxTCmd AppName=WxTCmd ShortDesc=Windows 10 Timeline database parser LongDesc= [Software13] exe=Registry Explorer RECmd\RegistryExplorer.exe help=Registry Explorer RECmd\RegistryExplorerManual.pdf url=Registy viewer with searching, multi-hive support, plugins, and more. 
Handles locked files group=1 Name=RegistryExplorer AppName=RegistryExplorer ShortDesc=Registy viewer with searching, multi-hive support, plugins, and more LongDesc= [Software14] exe=Registry Explorer RECmd\RECmd\RECmd.exe url=Registy viewer with searching, multi-hive support, plugins, and more. Handles locked files group=0 Name=RECmd AppName=RECmd ShortDesc=Registy viewer with searching, multi-hive support, plugins, and more LongDesc= [Software15] exe=VSCMount.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/VSCMount.zip group=0 Name=VSCMount AppName=VSCMount ShortDesc=VSCMount. Mount all VSCs on a drive letter to a given mount point LongDesc= [Software16] exe=hasher\Hasher.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/hasher.zip group=1 Name=Hasher AppName=Hasher ShortDesc=Hash all the things LongDesc= [Software17] exe=bstrings.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/bstrings.zip group=0 Name=Bstrings AppName=Bstrings ShortDesc=Find them strings yo. Built in regex patterns. Handles locked files LongDesc= [Software18] exe=RBCmd.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/RBCmd.zip group=0 Name=RBCmd AppName=RBCmd ShortDesc=Recycle Bin artifact (INFO2/$I) parser LongDesc= [Software19] exe=TimeApp.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/TimeApp.zip group=1 Name=TimeApp AppName=TimeApp ShortDesc= A simple app that shows current time (local and UTC) and optionally, public IP address. Great for testing LongDesc= [Software20] exe=iisGeolocate\iisGeolocate.exe url=https://f001.backblazeb2.com/file/EricZimmermanTools/iisGeolocate.zip group=0 Name=iisGeolocate AppName=isiGeolocate ShortDesc=Geolocate IP addresses found in IIS logs LongDesc= -
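Review bot: In [Software13] and [Software14] the url= key holds the description sentence ("Registy viewer with searching, multi-hive support, plugins, and more. Handles locked files") instead of a download location, so RegistryExplorer and RECmd cannot be fetched from this config. The initial revision pointed both entries at https://ericzimmerman.github.io/Software/RegistryExplorer_RECmd.zip; url= should carry the archive's location on the host the other entries now use, and the sentence belongs only in ShortDesc, with "Registy" corrected to "Registry". RECmd is in group=0 (command-line) but reuses the viewer description, so it deserves its own ShortDesc. Three smaller points in the same hunk: [Software8] still has url=https://ericzimmerman.github.io/Software/SDBExplorer.zip for exe=ShellBags Explorer\SBECmd.exe, which is both the only entry left on the old host and the archive name that belongs to [Software9]; [Software20] has AppName=isiGeolocate against Name=iisGeolocate; and every entry downloads an executable archive by URL alone, so it is worth stating next to this file how the downloaded zips are verified before the tools are run on evidence.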
Beercow created this gist
Jul 17, 2018
@@ -0,0 +1,151 @@ [General] SoftwareCount=15 GroupCount=3 Name=Eric Zimmerman Tools [Group0] name=Command-Line Utilities [Group1] name=GUI Utilities [Group2] name=All Utilities ShowAll=1 [Software0] exe=AmcacheParser.exe url=https://ericzimmerman.github.io/Software/AmcacheParser.zip group=0 Name=AmcacheParser AppName=AmcacheParser ShortDesc= LongDesc= [Software1] exe=AppCompatCacheParser.exe url=https://ericzimmerman.github.io/Software/AppCompatCacheParser.zip group=0 Name=AppCompatCacheParser AppName=AppCompatCacheParser ShortDesc= LongDesc= [Software2] exe=JLECmd.exe url=https://ericzimmerman.github.io/Software/JLECmd.zip group=0 Name=JLECmd AppName=JLECmd ShortDesc= LongDesc= [Software3] exe=JumpListExplorer.exe url=https://ericzimmerman.github.io/Software/JumpListExplorer.zip group=1 Name=JumpListExplorer AppName=JumpListExplorer ShortDesc= LongDesc= [Software4] exe=LECmd.exe url=https://ericzimmerman.github.io/Software/LECmd.zip group=0 Name=LECmd AppName=LECmd ShortDesc= LongDesc= [Software5] exe=MFTECmd.exe url=https://ericzimmerman.github.io/Software/MFTECmd.zip group=0 Name=MFTECmd AppName=MFTECmd ShortDesc= LongDesc= [Software6] exe=PECmd.exe url=https://ericzimmerman.github.io/Software/PECmd.zip group=0 Name=PECmd AppName=PECmd ShortDesc= LongDesc= [Software7] exe=RecentFileCacheParser.exe url=https://ericzimmerman.github.io/Software/RecentFileCacheParser.zip group=0 Name=RecentFileCacheParser AppName=RecentFileCacheParser ShortDesc= LongDesc= [Software8] exe=SBECmd.exe url=https://ericzimmerman.github.io/Software/SDBExplorer.zip group=0 Name=SBECmd AppName=SBECmd ShortDesc= LongDesc= [Software9] exe=SDBExplorer.exe url=https://ericzimmerman.github.io/Software/SDBExplorer.zip group=1 Name=SDBExplorer AppName=SDBExplorer ShortDesc= LongDesc= [Software10] exe=ShellBagsExplorer.exe url=https://ericzimmerman.github.io/Software/ShellBagsExplorer.zip group=1 Name=ShellBagsExplorer help=ShellBagsExplorerManual.pdf AppName=ShellBagsExplorer ShortDesc= LongDesc= 
[Software11] exe=Timeline explorer\TimelineExplorer.exe url=https://ericzimmerman.github.io/Software/TimelineExplorer.zip group=1 Name=TimelineExplorer AppName=TimelineExplorer ShortDesc= LongDesc= [Software12] exe=WxTCmd.exe url=https://ericzimmerman.github.io/Software/WxTCmd.zip group=0 Name=WxTCmd AppName=WxTCmd ShortDesc= LongDesc= [Software13] exe=Registry Explorer RECmd\RegistryExplorer.exe help=Registry Explorer RECmd\RegistryExplorerManual.pdf url=https://ericzimmerman.github.io/Software/RegistryExplorer_RECmd.zip group=1 Name=RegistryExplorer AppName=RegistryExplorer ShortDesc= LongDesc= [Software14] exe=Registry Explorer RECmd\RECmd\RECmd.exe url=https://ericzimmerman.github.io/Software/RegistryExplorer_RECmd.zip group=0 Name=RECmd AppName=RECmd ShortDesc= LongDesc=
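Review bot: [Software8] pairs exe=SBECmd.exe with url=https://ericzimmerman.github.io/Software/SDBExplorer.zip, the same archive [Software9] uses for SDBExplorer.exe, so the SBECmd entry looks like a copy-paste of the neighbouring URL; point it at the archive that actually ships SBECmd.exe. The exe= paths are also inconsistent: [Software11], [Software13] and [Software14] include the extracted subfolder (for example "Timeline explorer\TimelineExplorer.exe") while the other entries assume the executable sits at the top level, so confirm each path against the layout of its zip. ShortDesc= is empty in all 15 entries; a one-line description per tool would make the menu usable without opening each program.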