Sysprofiler is a Bash script that uses a combination of existing tools and manual processing to extract these artifacts and output them into either a Tab Separated (TSV) file, which can be opened as a spreadsheet, or a plaintext (TXT) file that can be opened in Word Processing software and edited directly into a report. All of the tools used by sysprofiler in the way the script uses them will run natively on Linux. This means that sysprofiler will run on a Linux system, or using WSL on Windows. It is not locked into one specific platform.

Many existing tools are used by this script, including:

• TSK (www.sleuthkit.org)
• RegRipper (https://github.com/keydet89/RegRipper2.8)
• Parse::Win32Registry (http://search.cpan.org/~jmacfarla/Parse-Win32Registry-1.0/lib/Parse/Win32Registry.pm)
• pwdump (https://github.com/moyix/creddump)
• pylnker (https://github.com/HarmJ0y/pylnker)

some of the current module are osinfo – extract OS information:

• Volume Name
• Volume Serial Number
• Filesystem
• Size(bytes)
• Windows Version
• Service Pack
• Owner
• Organisation
• Install Date
• Hostname
• Timezone
• Timezone Offset

users – list user accounts on the system:

• Username
• SID
• Full Name
• Comment
• Account Created
• Last Login
• Login Count
• Password Set
• Password Last Reset
• Last Incorrect Password Entry
• Password Hint
• Flags
• Groups

apps – lists apps installed on the system for all users (from Installer and Uninstall Registry keys):

• Registry Key
• User SID
• Application
• Version
• Company
• Install Date

You can read more and download the disk image  https://github.com/khyrenz/