Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

EricZimmerman/WxTCmd

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

45 Commits
.github/workflows
.github/workflows
 
 
WxTCmd
WxTCmd
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
LINUX.md
LINUX.md
 
 
README.md
README.md
 
 
WxTCmd.sln
WxTCmd.sln
 
 

Repository files navigation

WxTCmd

Command Line Interface

WxTCmd version 0.6.0.0

Author: Eric Zimmerman (saericzimmerman@gmail.com)
https://github.com/EricZimmerman/WxTCmd

        f               File to process. Required
        csv             Directory to save CSV formatted results to. Be sure to include the full path in double quotes
        dt              The custom date/time format to use when displaying timestamps. See https://goo.gl/CNVq0k for options. Default is: yyyy-MM-dd HH:mm:ss

Examples: WxTCmd.exe -f "C:\Users\eric\AppData\Local\ConnectedDevicesPlatform\L.eric\ActivitiesCache.db" --csv c:\temp

          Database files are typically found at 'C:\Users\<profile>\AppData\Local\ConnectedDevicesPlatform\L.<profile>\ActivitiesCache.db'

          Short options (single letter) are prefixed with a single dash. Long commands are prefixed with two dashes

Documentation

WxTCmd is a parser for the Windows 10 Timeline feature database.

Introducing WxTCmd!

Download Eric Zimmerman's Tools

All of Eric Zimmerman's tools can be downloaded here.

Special Thanks

Open Source Development funding and support provided by the following contributors: SANS Institute and SANS DFIR.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

19 stars

Watchers

8 watching

Forks

9 forks
Report repository

Releases

3 tags

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages