{"id":13698947,"url":"https://github.com/Invoke-IR/ForensicPosters","last_synced_at":"2025-05-04T04:30:56.890Z","repository":{"id":31572158,"uuid":"35136913","full_name":"Invoke-IR/ForensicPosters","owner":"Invoke-IR","description":null,"archived":false,"fork":false,"pushed_at":"2024-11-21T16:48:15.000Z","size":53419,"stargazers_count":441,"open_issues_count":3,"forks_count":81,"subscribers_count":40,"default_branch":"master","last_synced_at":"2025-02-25T23:41:28.119Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Invoke-IR.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-05-06T03:13:53.000Z","updated_at":"2025-01-31T16:36:32.000Z","dependencies_parsed_at":"2024-11-10T23:38:19.054Z","dependency_job_id":"c642184e-b6cf-464e-ab3c-517ca355bb03","html_url":"https://github.com/Invoke-IR/ForensicPosters","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Invoke-IR%2FForensicPosters","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Invoke-IR%2FForensicPosters/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Invoke-IR%2FForensicPosters/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Invoke-IR%2FForensicPosters/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Invoke-IR","download_url":"https://codeload.github.com/Invoke-IR/ForensicPosters/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252288912,"owners_count":21724323,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T19:00:55.100Z","updated_at":"2025-05-04T04:30:51.865Z","avatar_url":"https://github.com/Invoke-IR.png","language":null,"readme":"![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/BootSectors/MasterBootRecord.svg \"Master Boot Record\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/BootSectors/GuidPartitionTable.svg \"Guid Partition Table\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/NTFSVolumeBootRecord.svg \"$Boot (Volume Boot Record)\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MasterFileTable.svg \"$MFT (Master File Table)\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MFT_Attributes/0x10-%24STANDARD_INFORMATION.svg \"$STANDARD_INFORMATION Attribute\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MFT_Attributes/0x20-%24ATTRIBUTE_LIST.svg \"$ATTRIBUTE_LIST Attribute\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MFT_Attributes/0x30-%24FILE_NAME.svg \"$FILE_NAME Attribute\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MFT_Attributes/0x60-%24VOLUME_NAME.svg \"$VOLUME_NAME Attribute\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MFT_Attributes/0x70-%24VOLUME_INFORMATION.svg \"$VOLUME_INFORMATION Attribute\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MFT_Attributes/0x80-%24DATA.svg \"$DATA Attribute\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MFT_Attributes/0x90-%24INDEX_ROOT.svg \"$INDEX_ROOT Attribute\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MFT_Attributes/0xA0-%24INDEX_ALLOCATION.svg \"$INDEX_ALLOCATION Attribute\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/MFT_Attributes/NonResident.svg \"Non-Resident Attribute\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/%24AttrDef.svg \"$AttrDef (Attribute Definition File)\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/%24UsnJrnl_%24Max.svg \"$UsnJrnl $Max Data Stream\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/NTFS/%24UsnJrnl_%24J.svg \"UsnJrnl $J Data Stream\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/WindowsRegistry/RegistryHeader.svg \"Registry Header\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/WindowsRegistry/NamedKey.svg \"Registry Named Key\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/WindowsRegistry/SecurityKey.svg \"Registry Security Key\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/WindowsRegistry/ValueKey.svg \"Registry Value Key\")\n\n![alt text](https://cdn.rawgit.com/Invoke-IR/ForensicPosters/master/src/Artifacts/ScheduledJob.svg \"Scheduled Job\")\n\n![alt text](https://github.com/Invoke-IR/Forensic-Posters/blob/master/Posters/Prefetch101.png?raw=true \"Windows 8 Prefetch\")","funding_links":[],"categories":["Resources"],"sub_categories":["Other"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FInvoke-IR%2FForensicPosters","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FInvoke-IR%2FForensicPosters","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FInvoke-IR%2FForensicPosters/lists"}