Tools

  • Echo BAM (bam.exe): A graphical tool to view, filter, and reorder entries from the Background Activity Moderator (BAM) registry keys. It simplifies accessing BAM data, which logs program executions (primarily .exe files).

  • Echo Journal Tool (journal-tool.exe): A parser for the NTFS USN Journal ($J). It allows filtering for specific events like file deletions, creations, and renames. It's presented as a user-friendly alternative to using fsutil commands and is noted for parsing all NTFS drives simultaneously.

  • Echo UserAssist View (userassist.exe): A viewer for Windows UserAssist registry data. UserAssist tracks the execution of GUI applications. This tool reportedly shows if the target file still exists and allows quick navigation to it.

  • Echo String Tool (strings-tool.exe): Allows searching for multiple specific strings within a selected process's memory simultaneously. It's useful for quickly testing custom string detections or looking for known cheat indicators without needing to repeatedly use tools like System Informer's string search.

  • Echo USBDEVIEW: A tool similar to Nirsoft's USBDeview, designed to show the history of USB devices connected to the PC. It displays information like the last plug-in and unplug times and the type of USB device, aiming for a less cluttered interface than the original Nirsoft tool.

PreviousEcho's ToolsNextSpecific PowerShell Scripts

Last updated