shellbags


Tool and Usage

Project details

License
Apache License 2.0
Programming language
Python
Author
Willi Ballenthin
Latest release
0.5.5
Latest release date

Project health

60
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

This tool is typically used to gather information from a compromised system or to trace activity on a system when looking for evidence. Shellbags can provide some insight into the directories that were browsed via Explorer on Microsoft Windows systems.

How it works

The shellbags script is given the path to a raw Windows Registry hive (NTUSER.DAT). The hive is then parsed on the forensic specialist's own system.

Usage and audience

shellbags is commonly used for digital forensics. Target users for this tool are forensic specialists and pentesters.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code of this software is available

Author and Maintainers

Shellbags is under development by Willi Ballenthin.

Installation

Supported operating systems

Shellbags is known to work on Linux and Microsoft Windows.

shellbags alternatives

Similar tools to shellbags:

74

Volatility

Volatile memory framework used for forensics and analysis purposes. The framework is written in Python and runs on almost all platforms.

64

dfis

Digital Forensic Investigative Scripts, or dfis, is a collection of scripts that can be used during forensic investigations.

64

Bitscout

Bitscout is a security tool that allows professionals to perform digital forensics remotely. The toolkit creates a live CD for this purpose.


Related tool information

Categories

This tool is categorized as a digital forensics tool.