Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

Sigma detection rules for hunting with the threathunting-keywords project

C# Library and research notes for Windows 11 Notepad State Files

Reverse Engineering the Tabstate files for Windows Notepad

Python script for outputting PCAPs as JSON as well as extracting attachments within the traffic stream

Reverse Engineering the Windowstate files for Windows Notepad

🎨 Create and animate visual scenes in real-time using desktop windows with this minimal Python library. Perfect for live coding experiences.