Skip to content
A Forensic C# console app that parses BITS metadata
C#
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Properties
App.config
BansheePelican.csproj
Program.cs
README.md

README.md

BansheePelican

A Forensic C# console app that parses BITS metadata and displays the results via CLI. Just set the full Windows path to whatever BITS log you'd wish to investigate with the -p switch. These can be files that were copied, or files located in the default C:\ProgramData\Microsoft\Network\Downloader\ directory.

The goal was to make a lightweight app that would produce simple output in a easy to ready format. Although, due to all the unique characters in BITS dat files, some strings may be slightly mangled.

Outputs:

  • All HTTP and HTTPS Strings
  • Unique HTTP and HTTPS Strings
  • Downloaded files from BITS jobs - excluding default BITS tmp files.
  • Also works with edb or similarly formatted logs

alt text

You can’t perform that action at this time.