DFIR Toolkit v0.9 releases: CLI tools for forensic investigation of Windows artifacts
DFIR Toolkit CLI tools for forensic investigation of Windows artifacts Overview of timelining tools Changelog v0.9 added lnk2bodyfile Install cargo install dfir-toolkit Tool cleanhive merges logfiles into a hive file xx evtx2bodyfile ...
