easyMFT [PowerShell] →
The script aims to facilitate live forensic analysis on an active system by simplifying the use of the Master File Table (MFT). It allows on-site investigation of existing and former files based on MFT, enabling quick searches. This script is designed for scenarios where forensic analysts need to perform live investigations on active systems, leveraging the MFT for efficient file information retrieval.
favorites [PHP] →
Simple Web-Link-Tracker is a simple script that saves URLs submitted via a bookmarklet. The saved links are stored in a JSON file. A session ID is used to avoid IP tracking. There are also some security measures to prevent unwanted access and blacklisting. Considering the fact that no database is used, the performance is only acceptable for a small number of URLs. However, performance may decrease for a large number of links, since the entire JSON array must be loaded and stored for each read or write. However, this is perfectly adequate for personal use.
gpcleaner [Python] →
A small Python script that cleans a password list generated by Magnet GreyKey based on user input. The script reads a text file (passwords.txt) and writes filtered values to an output file. Filtering is based on a prefix (item value), a minimum password length (default 4) and a maximum password length (default 64). After cleaning up the prefix, the system checks whether a line begins with {" or [". These lines are also not included in the output file. Duplicate entries are also filtered. These filter properties are used to create a good list of possible passwords.
obsource [Python] →
This is a Python script designed to obscure or deobscure Python source code files. It utilizes a simple byte-shifting algorithm based on a user-provided seed value for the transformation process. The script can be operated either through command-line arguments or interactive prompts, providing flexibility in usage. It includes basic functionalities like input validation, error handling, and logging, enhancing its reliability and user-friendliness. Note: This script employs 'Security through Obscurity', which should not be considered a robust security measure. It's primarily meant for hiding code from plain sight rather than providing any strong encryption or protection.
pinkungfu [Python] →
A Python script that generates possible PIN combinations based on user input and writes them to a text file. The output file can be splitted if desired. The generated text files can be imported into forensic software such as from Cellebrite to be used for bruteforce methods.
plotlyimex [Python] →
The script imports a CSV file to display position data in an interactive map using plotly. The map is displayed by OpenStreetMap and saved in HTML format. The generated HTML file opens automatically. The user can specify a filename of the import and/or export file if desired.