forked from log2timeline/plaso
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathACKNOWLEDGEMENTS
97 lines (88 loc) · 2.06 KB
/
ACKNOWLEDGEMENTS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
Acknowledgements: plaso
Copyright 2012 The Plaso Project Authors.
Please see the AUTHORS file for details on individual authors.
Plaso is a Python rewrite of the log2timeline Perl version.
Plaso is developed and maintained by:
* Kristinn Gudjonsson
* Eric Mak
* Joachim Metz
Plaso depends on various other projects. So thanks to the authors
and others involved with these projects:
* Python and modules
* libyaml
* iPython
* PyInstaller
* the SleuthKit
* pytsk
* Hachoir (not included in binary release)
Thanks to contributors (alphabetically based on last name):
* Brian Baskin
* Parsers
* BEncode
* Java IDX parser
* Johan Berggren
* SQLite plugins
* Zeitgeist activity database
* Dominique Kilman
* Parsers
* PCAP
* Joaquin Moreno Garijo
* Parsers
* ASL
* mac_wifi.log
* utmpx
* SQLite plugins
* Skype
* David Nides (@davnads)
* Output modules
* 4n6time SQLite, with thanks to Eric Wong for assistance
* 4n6time MySQL
* Parsers
* Hachoir (meta data)
* OLECF
* OMXL
* Symantec AV Log
* timelib StringToDatetime function
* SQLite plugins
* Google Drive
* Windows Registry plugins
* Office MRU
* Outlook
* Terminal Server Client (RDP)
* Typed Paths
* Typed URLs
* USBStor
* Win7 UserAssist
* WinRar
* Francesco Picasso
* Parsers
* SELinux
* Jordi Sanchez
* binplist
* object filter
* Elizabeth Schweinsberg
* Parsers
* McAfee AV Access Protection Log
* Windows Registry plugins
* MSIE zones
* Marc Séguin
* Windows Registry plugins
* CCleaner
* Keith Wall
* SQLite plugins
* Android calls database
* Android sms database
* updates to the timezone transformation
Test data:
Copied with permission from the GRR project: https://code.google.com/p/grr/
* History
* index.dat
* places.sqlite
Copied with permission granted by Jerome Marty.
* WUAUCLT.EXE-830BCC14.pf
Copied with permission granted by Rob Lee.
Copyright SANS Institute - Digital Forensics and Incident Response.
* example.lnk
* SysEvent.Evt
* System.evtx
* Ntuser.dat (multiple instances)