Skip to content
/ DFIR_SQL_Queries Public

A collection of small queries I assemble during my investigations. I hope they help you as they did with me.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

theAtropos4n6/DFIR_SQL_Queries

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
iOS
iOS
 
 
README.md
README.md
 
 

Repository files navigation

DFIR_SQL_Queries

A collection of small queries I created during my investigations. I hope they help you as they did with me.

Why do we need custom queries when we have our commercial forensic software?

Well, forensic tools do not always parse properly the artifacts. Sometimes, the artifacts of interest are not properly parsed/decoded and you have to manually go through them. This is exactly where you may find these queries useful. It is literally the reason why I assembled them.

CAUTION: As ALWAYS, please validate the results of any query you use. They can misoperate or even break at any time.

Do share with your colleagues, as sharing is what makes our DFIR family great. Cheers!

About

A collection of small queries I assemble during my investigations. I hope they help you as they did with me.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published