dfir-toolkit 0.12.3

CLI tools for digital forensics and incident response

There is very little structured metadata to build this page from currently. You should check the main library docs, readme, or Cargo.toml in case the author documented the features in them.

This version has 55 feature flags, 51 of them enabled by default.

default

cleanhive (default)

evtxtools (default)

hivescan (default)

ipgrep (default)

This feature flag does not enable additional features.

lnk2bodyfile (default)

mactime2 (default)

pf2bodyfile (default)

pol_export (default)

This feature flag does not enable additional features.

regdump (default)

ts2date (default)

zip2bodyfile (default)

nt_hive2 (default)

evtx2bodyfile (default)

evtxanalyze (default)

evtxcat (default)

evtxls (default)

evtxscan (default)

lnk (default)

  • dep:lnk (default)

bitflags (default)

chrono-tz (default)

color-print (default)

encoding_rs_io (default)

gzip (default)

sha2 (default)

strum (default)

strum_macros (default)

thiserror (default)

forensic-rs (default)

frnsc-prefetch (default)

libc (default)

num (default)

  • dep:num (default)

regex (default)

time (default)

zip (default)

  • dep:zip (default)

evtx (default)

getset (default)

indicatif (default)

ouroboros (default)

dfirtk-eventdata (default)

dfirtk-sessionevent-derive (default)

exitcode (default)

serde_json (default)

walkdir (default)

colored_json (default)

term-table (default)

termsize (default)

colored (default)

evtx-msg (default)

lazy-regex (default)

sigpipe (default)

flate2 (default)

base64

num-derive

num-traits

phf