forensicnomicon 0.2.2

The ForensicNomicon — comprehensive DFIR artifact catalog: UserAssist, Shimcache, Amcache, Prefetch, $MFT, ShellBags, EVTX, NTDS.dit, SAM, SRUM, LNK, Jump Lists + KAPE/Velociraptor/Sigma/MITRE. Zero deps.
#![doc = include_str!("../docs/index.md")]

/// Analyst-facing handbook for the crate's DFIR knowledge model.
///
/// This module exists so the published rustdoc / GitHub Pages site exposes a
/// readable handbook entry point in addition to raw API reference pages.
pub struct Handbook;