srum-dump ~ A forensics tool to convert the data in the Windows srum.

srum-dump ~ A forensics tool to convert the data in the Windows srum.

srum-dump a program will create an excel spreadsheet containing forensics artifacts contained the SRUM (System Resource Utilization Manager) database.

srum-dump

The program can be run with no input and it will prompt you for each of the needed arguments. The program requires two inputs. The first is an SRUM database. The SRUM database is usually \Windows\system32\sru\SRUDB.dat. The second is a XLSX template file that contains the names of the tables and fields that you want to extract from the SRUM database. SRUM_TEMPLATE.xlsx is distributed with the program and it includes the fields that you will most likely be interested in. If you want to add additinal XLS calculations or remove fields form the SRUM database you can make a copy of SRUM_TEMPLATE.xlsx and change that template file as needed. The program will create a new XLSX file containing the fields specified inside the template.

Dependencies:
+ All Windows x86 Version Support

Usage:

Source: https://github.com/MarkBaggett