Skip to content

Releases: kacos2000/Prefetch-Browser

PrefetchBrowser

17 Dec 18:11
@kacos2000 kacos2000
v.0.0.13.0
73f8d66
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser Latest
Latest

[Updates]

  • Added support for Win 11 24H2

MD5: DA9DDF2447CF8D9CB27BDD1A7F00D096
SHA256: B582CBF4BB485D6712B06F285012961F51030B724474C11231456415C45FEB88

Assets 3
Loading

PrefetchBrowser

28 Jan 15:40
@kacos2000 kacos2000
v.0.0.12.0
2f60015
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser

[Updates]

  • Added option to save the Prefetch/Superfetch properties to a JSON file
  • Other minor updates

MD5: 674E9EB75F5DBFF73C08F8DA74A46FEA
SHA256: 2779A2FAA40ABB2A9C595F68AEE96FEBFF8EA9CAA8AC2C8BC47026CA141E85F7

Assets 3
Loading

PrefetchBrowser

15 Mar 17:24
@kacos2000 kacos2000
v.0.0.11.0
26c046b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser

[Updates]

  • Swapped 'Add-Type' and the C# code for [Prefetch.XpressStream.Xpress2] (used to decompress the Prefetch files) for a compiled & signed .dll instead, to solve errors in Win11

MD5: 0515EA6451015DA6964D176FE607ACB4
SHA256: 834955711A1B090EB952FB69284F4E79DC4F54C19E593DD394E96490189C70E4

Assets 3
Loading

PrefetchBrowser

02 Dec 16:27
@kacos2000 kacos2000
v.0.0.10.0
43fce2a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser

[Updates]

  • Switched to Black background :)

  • Added new info on Prefetch File Metrics & Trace Arrays based on @JamesHabben 's research. E.g.:

    image
    image

  • Note:1 certain Prefetch files might take a bit longer to process due to the extra info (depending on the Nr. of trace metrics/entries)

  • Note2: Not all Flag values are known (yet).

  • Added experimental support for some Superfetch .db files including 'cadrespri.7db' and 'dynrespri.7db'.

  • db formats supported:

    Format Version Files Compression
    3 19 cadrespri.7db, dynrespri.7db None
    15 14 AgRobust.db None
    3 11 AgGlUAD_P_(SID here)_.db LZXPRESS
    3 21 AgGlobalHistory.db, AgGlFgAppHistory.db LZXPRESS

    Example image from a Win10's 'AgGlobalHistory.db'

    image

  • Some relatively recent info on Superfetch/Prefetch:

MD5: 2CA8117578438593842E9B1B828861A1
SHA256: 03136C7AA02908910E56A062BFADFC52A1A1F436AAB4A6A461864F5A0E6B215B

Contributors

JamesHabben, MathildeVenault, and adkarukera
Assets 3
Loading

PrefetchBrowser

09 Nov 13:19
@kacos2000 kacos2000
v.0.0.9.0
f20b384
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser

[Update]

  • minor bug fix

MD5: 57A2DCEE90A4C3BB6BA6828D625FA7CB
SHA256: 5A993C47ECA71098C8A2117302FD6279AD4AC8C7F1CC5FDF060C7F4DD1A2188F

Assets 3
Loading

PrefetchBrowser

17 Jul 11:07
@kacos2000 kacos2000
v.0.0.8.0
c3bf22f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser

[Update]

  • New Digital Signature

MD5: CD53666980236F4658CE02DCC4DF9B4F
SHA1: B88FEDBEF703D408BC7B6C75445B6503BC829750
SHA256: 45471A6B255218D465FA1976643D30A52441D15A3BE1A98930EC615EB2F68682

Assets 3
Loading

PrefetchBrowser

07 Dec 10:49
@kacos2000 kacos2000
v.0.0.7.0
ae2e867
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser

[Update]

  • minor corrections

MD5: 685FB286D4109B8EC3986EF0C25F5D61
SHA256: C14B6DEB855360DE5802008FA96060F48C2FAE0874A4C5C4BD9EC2BD16B3E801

Assets 3
Loading

PrefetchBrowser

06 Dec 16:45
@kacos2000 kacos2000
v.0.0.6.0
ae2e867
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser

[Update]

  • Added file info for the loaded prefetch to the properties tree (useful when saving to a txt file)
  • Minor fix

MD5: 814A18E0CE23A767FFF1F22DE442B550
SHA256: 32BCF56CD3B9310D31A6246344A53EFEEC6E371F1CDBF37011844B5CB5E20DEF

Assets 3
Loading

PrefetchBrowser

05 Dec 17:14
@kacos2000 kacos2000
v.0.0.5.0
696c7a4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser

[Update]

  • Now lists & reads Prefetch (.pf) files hidden in Alternate Data Streams
    e.g. : 'WELCOME2.TXT:REVSHELL.EXE-41B5A636.pf'

Ref: # Creating a Hidden Prefetch File to Bypass Normal Forensic Analysis

Assets 4
Loading

PrefetchBrowser

04 Dec 18:12
@kacos2000 kacos2000
v.0.0.4.0
7c4fc3e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PrefetchBrowser

[Updates]

  • Added access permissions check when selecting a Prefetch folder
  • Added option to export the Prefetch directory tree (Prefetch file system properties) to a csv/txt file
  • Added option to export the Selected Prefetch file's Properties (Nodes) to a Text (txt) file
Assets 3
Loading