🪟 Windows Forensics Tools Triage Collectors Kansa KAPE Redline Windows Event Logs Analyzers APT-Hunter Chainsaw DeepBlueCLI Hayabusa Takajo (fast forensics analyzer for Hayabusa) MFT ($MFT) Parsers/Analyzers Chainsaw NTFS Log Tracker UsnJrnl ($J) Parsers/Analyzers NTFS Log Tracker $LogFile Parsers/Analyzers NTFS Log Tracker LogFileParser Artifact Parsers/Analyzers AmCache EvilHunter Eric Zimmerman's Tools (EZ Tools) Nirsoft Tools Srum-Dump Remote Desktop Cache Analyzers BMC-Tools RdpCacheStitcher Live Forensics SysInternals Live-Forensicator PersistenceSniper PyrsistenceSniper (PersistenceSniper port to Python)