Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/kacos2000/winedb

Windows.EDB Browser
https://github.com/kacos2000/winedb

browser csv edb ese esent gui powershell windows

Last synced: about 10 hours ago
JSON representation

Windows.EDB Browser

Host: GitHub
URL: https://github.com/kacos2000/winedb
Owner: kacos2000
License: mit
Created: 2022-12-12T21:21:48.000Z (almost 2 years ago)
Default Branch: master
Last Pushed: 2023-03-06T11:55:27.000Z (over 1 year ago)
Last Synced: 2024-08-02T13:28:35.797Z (3 months ago)
Topics: browser, csv, edb, ese, esent, gui, powershell, windows
Language: PowerShell
Homepage: https://kacos2000.github.io/WinEDB/
Size: 12.2 MB
Stars: 52
Watchers: 4
Forks: 6
Open Issues: 0
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE.md

Awesome Lists containing this project

README

        # WinEDB

Windows.EDB Browser 

GUI: 

==> [WinEDB Latest version](https://github.com/kacos2000/WinEDB/releases/latest) <==

   Search Store Tree view:

   ![image](https://user-images.githubusercontent.com/11378310/209396462-f41f4165-1ac7-4308-8b28-9ae2d06c8d44.png)

   

   Schema Info:

   ![image](https://user-images.githubusercontent.com/11378310/209396112-17cb7093-324c-43c6-892e-f2447ac0fdc5.png)

Command line:


==> [WindowsEDB-to-CSV.ps1](https://github.com/kacos2000/WinEDB/blob/master/WindowsEDB-to-CSV.ps1) <== 


==> [WindowsEDB-to-CSV.exe](https://github.com/kacos2000/WinEDB/blob/master/WindowsEDB-to-CSV.exe) <== 


Dependencies: 

- [.NET Framework 4.8](https://dotnet.microsoft.com/en-us/download/dotnet-framework/net48)

- [Powershell Version:  5.1](https://docs.microsoft.com/en-us/powershell/scripting/windows-powershell/install/windows-powershell-system-requirements?view=powershell-5.1)

- Uses [Microsoft.Isam.Esent.Interop](https://github.com/microsoft/ManagedEsent). 

_______________

--> for research purposes ;) 

_______________

### [Note]


As of Windows 11 22H2,  Windows Search data is stored in multipe SQLite3 dBs


found at 'C:\ProgramData\Microsoft\Search\Data\Applications\Windows'*


Below are some initial Queries:

  - [PropertyMap](https://github.com/kacos2000/Queries/blob/master/Win_Search_PropertyMap.sql)

  - [Paths (SystemIndex_1_PropertyStore) query](https://github.com/kacos2000/Queries/blob/master/Win_Search_PropertyStore.sql)

  - [SecurityDescriptor (SecStore.db) query](https://github.com/kacos2000/Queries/blob/master/Win_Search_SecStore.sql)

  - [Paths/Files & Timestamps (Windows-gather.db) - can be used to create a TreeView of the paths](https://github.com/kacos2000/Queries/blob/master/Win_Search_gatherdB.sql)