Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/EricZimmerman/WxTCmd
Last synced: 2 months ago
- Host: GitHub
- URL: https://github.com/EricZimmerman/WxTCmd
- Owner: EricZimmerman
- License: mit
- Created: 2018-05-07T17:55:23.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2022-01-23T23:26:36.000Z (almost 3 years ago)
- Last Synced: 2024-08-02T17:32:01.824Z (6 months ago)
- Language: C#
- Size: 1.7 MB
- Stars: 20
- Watchers: 8
- Forks: 8
- Open Issues: 4
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- Awesome-KAPE - WxTCmd
README
# WxTCmd
## Command Line Interface
```
WxTCmd version 0.6.0.0

Author: Eric Zimmerman
https://github.com/EricZimmerman/WxTCmd

        f               File to process. Required
        csv             Directory to save CSV formatted results to. Be sure to include the full path in double quotes
        dt              The custom date/time format to use when displaying timestamps. See https://goo.gl/CNVq0k for options. Default is: yyyy-MM-dd HH:mm:ss

Examples: WxTCmd.exe -f "C:\Users\eric\AppData\Local\ConnectedDevicesPlatform\L.eric\ActivitiesCache.db" --csv c:\temp

          Database files are typically found at 'C:\Users\\AppData\Local\ConnectedDevicesPlatform\L.\ActivitiesCache.db'

          Short options (single letter) are prefixed with a single dash. Long commands are prefixed with two dashes
```

## Documentation
WxTCmd is a parser for the Windows 10 Timeline feature database.
[Introducing WxTCmd!](https://binaryforay.blogspot.com/2018/05/introducing-wxtcmd.html)
# Download Eric Zimmerman's Tools
All of Eric Zimmerman's tools can be downloaded [here](https://ericzimmerman.github.io/#!index.md). Use the [Get-ZimmermanTools](https://f001.backblazeb2.com/file/EricZimmermanTools/Get-ZimmermanTools.zip) PowerShell script to automate the download and updating of the EZ Tools suite. Additionally, you can automate each of these tools using [KAPE](https://www.kroll.com/en/services/cyber-risk/incident-response-litigation-support/kroll-artifact-parser-extractor-kape)!
# Special Thanks
Open Source Development funding and support provided by the following contributors: [SANS Institute](http://sans.org/) and [SANS DFIR](http://dfir.sans.org/).