Alternatives and similar repositories for fortools

Users that are interested in fortools are comparing it to the libraries listed below

• ssp4rk / threatintel
  ☆11Updated 4 years ago
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆25Updated 8 months ago
• ydkhatri / jarp
  Just Another broken Registry Parser (JARP)
  ☆16Updated last year
• EricZimmerman / SDB
  Parse Microsoft shim databases
  ☆30Updated 5 months ago
• sumeshi / ntfsdump
  An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.
  ☆21Updated last year
• GDATAAdvancedAnalytics / winreg-tasks
  ☆19Updated 2 years ago
• EricZimmerman / WxTCmd
  ☆19Updated last month
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆45Updated 6 years ago
• AndrewRathbun / VanillaWindowsRegistryHives
  A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…
  ☆46Updated 2 years ago
• ArsenalRecon / SdbaParser
  Parser for Sdba memory pool tags
  ☆18Updated 3 years ago
• ydkhatri / Appx-Analysis
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆16Updated last year
• g-les / floss2yar
  ☆15Updated 2 years ago
• 4n6ist / mssql_4n6
  Parsers for .mdf file of Microsoft SQL Server (MSSQL)
  ☆15Updated 5 years ago
• Silv3rHorn / 4n6_misc
  Miscellaneous Scripts
  ☆17Updated 4 years ago
• EricZimmerman / ExtensionBlocks
  Extension blocks as found in ShellBags and other places in the Registry
  ☆24Updated 5 months ago
• woanware / etw-event-dumper
  ☆33Updated 3 years ago
• JPCERTCC / etw-scan
  ETW forensic tool for Volatility3 plugin
  ☆15Updated 7 months ago
• analyzeDFIR / analyzePF
  Tool for analysis of Windows Prefetch files
  ☆26Updated 6 years ago
• abrignoni / WLEAPP
  WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
  ☆32Updated last year
• ignacioj / mftf
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆37Updated 11 months ago
• volexity / hwp-extract
  A library and cli tool to extract HWP files.
  ☆22Updated 5 months ago
• sumeshi / ntfsfind
  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
  ☆26Updated last year
• ufrisk / MemProcFS-plugins
  ☆57Updated 8 months ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆75Updated 6 months ago
• EricZimmerman / Issues
  This is a repository for reporting any issues in any of my software
  ☆13Updated 7 years ago
• its-a-feature / macos_execute_from_memory
  PoC of macho loading from memory
  ☆57Updated 7 months ago
• pcbje / pyad1
  Python library for parsing AccessData AD1 images
  ☆32Updated 2 years ago
• williballenthin / viv-utils
  Utilities for working with vivisect
  ☆25Updated 3 months ago
• EricZimmerman / RegistryPlugins
  ☆68Updated last month
• MathildeVenault / SysMainView
  This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …
  ☆31Updated 4 years ago