winstructs 0.1.0

Common structures used in parsing various Windows protocols

winstructs

This library contains some parsers for structures that are common across Windows formats.

Currently supported formats:

  • Guid
  • FILETIME, DosTime
  • Security ids:
    • SecurityDescriptor
    • Acl
    • Ace
    • Sid

Note

This library was inspired by https://github.com/forensicmatt/r-winstructs, but is not API-compatible with it in any way.