dfir-esedb

This crate provides a parser for Microsofts EseDB files, aimed to be used for forensic purposes.

Usage Example

use std::path::PathBuf;
use dfir_esedb::EseDb;
let db = EseDb::open(&PathBuf::from("tests/data/ntds_plain.dit")).unwrap();

assert_eq!(db.header().database_time().hours(), &21);
assert_eq!(db.header().database_time().minutes(), &45);
assert_eq!(db.header().database_time().seconds(), &2);

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
src		src
tests		tests
.gitignore		.gitignore
Cargo.toml		Cargo.toml
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

dfir-esedb

Usage Example

About

Releases

Packages

Languages

License

janstarke/dfir-esedb

Folders and files

Latest commit

History

Repository files navigation

dfir-esedb

Usage Example

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages