Featured

• CBS Forensic Toolkit : Parser for the Windows 11 Start Menu's CBS subsystem. Extracts forensic artifacts from the MicrosoftWindows.Client.CBS package: Start Menu search history, cached Bing queries, and application launch counts. [ view → ]
• File Entropy Calculator : Drop a file to compute Shannon entropy. High-entropy regions suggest compression or encryption. Useful for spotting packed sections or encrypted payloads inside documents. [ view → ]
• Indicator Parser : Paste a blob of text (log lines, email body, report) and extract IPs, domains, URLs, email addresses, and common file hashes. Defanged indicators are refanged automatically. [ view → ]
• Timestamp Converter : Convert between Unix, Windows FILETIME, Chrome/WebKit, Mac Cocoa, HFS+, OLE, DOS, and ISO 8601 timestamps. Bidirectional and timezone-aware. [ view → ]
• URL Decomposer : Break a URL into scheme, host, path, query parameters, and fragment. Decodes percent-encoding per part and refangs defanged forms automatically. [ view → ]