Skip to content
A Forensic C# console app that parses BITS metadata
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


A Forensic C# console app that parses BITS metadata and displays the results via CLI. Just set the full Windows path to whatever BITS log you'd wish to investigate with the -p switch. These can be files that were copied, or files located in the default C:\ProgramData\Microsoft\Network\Downloader\ directory.

The goal was to make a lightweight app that would produce simple output in a easy to ready format. Although, due to all the unique characters in BITS dat files, some strings may be slightly mangled.


  • All HTTP and HTTPS Strings
  • Unique HTTP and HTTPS Strings
  • Downloaded files from BITS jobs - excluding default BITS tmp files.
  • Also works with edb or similarly formatted logs

alt text

You can’t perform that action at this time.