forensicnomicon 0.2.1

The ForensicNomicon — comprehensive DFIR artifact catalog: UserAssist, Shimcache, Amcache, Prefetch, $MFT, ShellBags, EVTX, NTDS.dit, SAM, SRUM, LNK, Jump Lists + KAPE/Velociraptor/Sigma/MITRE. Zero deps.
# Copy this to .env and fill in your values. Never commit .env.

# YouTube Data API v3 key — for full channel history in backfill_archives.py
# Get one free at: console.cloud.google.com → APIs & Services → Credentials
# Enable: YouTube Data API v3
YOUTUBE_API_KEY=