Category | Module | State | Description |
CONFIGURATION | | | |
| d4.py | Beta | Contains common variables and configurations. |
TOOL MODULES | | | |
| autoruns.py | Alpha | Facilitates the reading, processing and analysis of the output (csv) of the Sysinternals Autoruns utility |
| kansa.py | Alpha | Facilitates the reading, processing and analysis of the output files of Dave Hull's kansa Incident Response framework |
| kape.py | Alpha | Facilitates the reading, processing and analysis of the output files of Kroll / Eric Zimmermans's KAPE Incident Response framework |
| macrobber.py | Alpha | Facilitates the reading, processing and analysis of the output files of macrobber |
| mactime | Alpha | Facilitates the reading, processing and analysis of the output files of mactime |
| plaso.py | Beta | Facilitates the reading, processing and analysis of the output files of Google's plaso Digital Forensics framework |
| volatility.py | Alpha | Facilitates the data load, processing and analysis of the output (csv) of the Volatitliy memory forensics framework |
ARTIFACT MODULES | | | |
| amcache.py | Alpha | Facilitates the reading, processing and analysis of Amcache Hive Log files |
| evtx.py | Beta | Facilitates the reading, processing and analysis of Windows evtx files |
| evtx_parser.py | Beta | Facilitates the reading of Windows evtx files |
| evtx_ml.py | Alpha | Facilitates the use of machine learning with Windows evtx files |
| fstl.py | Beta | Facilitates the reading, processing and analysis of the output (csv) of the Sleuthkit's fls/mactime filesystem timelines |
| flist.py | Beta | Facilitates the reading, processing and analysis of the output (csv) of file listing |
| pslist.py | Beta | Facilitates the reading, processing and analysis of list of processes |
| svclist.py | Alpha | Facilitates the reading, processing and analysis of list of services |
| winreg.py | Alpha | Facilitates the reading, processing and analysis of Windows Registry Hive Log files |
UTILITIES | | | |
| utils.py | Beta | Diverse set of functions used by the ds4n6_lib |
| unx.py | Beta | Diverse set of functions which mimic some well-known UNIX utilities (grep, sed, etc.) |
FRAMEWORK | | | |
| common.py | Beta | Diverse set of functions used by the ds4n6_lib |
| gui.py | Beta | Diverse set of GUI functions used by the ds4n6_lib |
TEMPLATES | | | |
| template-tool.py | Beta | Contains a template to add new tools |
| template-artifact.py | Beta | Contains a template to add new artifacts |