Alternatives and similar repositories for fortools

Users that are interested in fortools are comparing it to the libraries listed below

• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆24Updated 7 months ago
• ssp4rk / threatintel
  ☆11Updated 4 years ago
• sumeshi / ntfsdump
  An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.
  ☆21Updated last year
• g-les / floss2yar
  ☆15Updated 2 years ago
• ydkhatri / jarp
  Just Another broken Registry Parser (JARP)
  ☆16Updated last year
• AndrewRathbun / VanillaWindowsRegistryHives
  A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…
  ☆46Updated 2 years ago
• EricZimmerman / Issues
  This is a repository for reporting any issues in any of my software
  ☆13Updated 7 years ago
• NTFSparse / ntfs_parse
  NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl
  ☆37Updated 8 years ago
• volexity / hwp-extract
  A library and cli tool to extract HWP files.
  ☆22Updated 4 months ago
• abrignoni / WLEAPP
  WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
  ☆32Updated last year
• EricZimmerman / WxTCmd
  ☆19Updated last month
• Paul-Tew / lifer
  Windows link file (shortcuts) examiner
  ☆68Updated 11 months ago
• EricZimmerman / ExtensionBlocks
  Extension blocks as found in ShellBags and other places in the Registry
  ☆24Updated 5 months ago
• Silv3rHorn / 4n6_misc
  Miscellaneous Scripts
  ☆17Updated 4 years ago
• ydkhatri / Appx-Analysis
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆16Updated last year
• ufrisk / MemProcFS-plugins
  ☆54Updated 7 months ago
• ydkhatri / macOS_FE
  Tools for macOS Forensic Bootable media
  ☆15Updated 5 years ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆45Updated 6 years ago
• EricZimmerman / SDB
  Parse Microsoft shim databases
  ☆30Updated 4 months ago
• cellebrite-labs / clbx
  CLBX file format
  ☆21Updated 4 years ago
• analyzeDFIR / analyzePF
  Tool for analysis of Windows Prefetch files
  ☆26Updated 6 years ago
• ArsenalRecon / SdbaParser
  Parser for Sdba memory pool tags
  ☆18Updated 3 years ago
• herosi / triage-collector
  ☆22Updated 7 months ago
• ignacioj / mftf
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆36Updated 10 months ago
• gajos112 / SRUM-Timeliner
  ☆10Updated last year
• kacos2000 / WinHex_Templates
  X-Ways Forensic/ WinHex templates
  ☆47Updated 3 years ago
• woanware / etw-event-dumper
  ☆33Updated 3 years ago
• tokesr / usb_investigator
  ☆9Updated 5 years ago
• ald3ns / XPR-dump
  Helper scripts to automate the extraction of YARA rules from XProtectRemediators
  ☆20Updated last year
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago