Alternatives and similar repositories for fortools:

Users that are interested in fortools are comparing it to the libraries listed below

• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆23Updated 5 months ago
• ssp4rk / threatintel
  ☆11Updated 4 years ago
• kohnakagawa / cidre-vm
  Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware
  ☆30Updated 2 months ago
• ald3ns / XPR-dump
  Helper scripts to automate the extraction of YARA rules from XProtectRemediators
  ☆19Updated last year
• its-a-feature / macos_execute_from_memory
  PoC of macho loading from memory
  ☆54Updated 4 months ago
• c3rb3ru5d3d53c / karton-unpacker
  A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.
  ☆55Updated 3 years ago
• ydkhatri / macOS_FE
  Tools for macOS Forensic Bootable media
  ☆15Updated 4 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• tccontre / KnowledgeBase
  Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff
  ☆54Updated 2 months ago
• jschicht / StegoMft
  PoC for hiding data within $MFT
  ☆12Updated 10 years ago
• kacos2000 / WinHex_Templates
  X-Ways Forensic/ WinHex templates
  ☆47Updated 3 years ago
• sumeshi / ntfsfind
  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
  ☆26Updated last year
• theevilbit / exploits
  ☆86Updated 6 months ago
• AndrewRathbun / VanillaWindowsRegistryHives
  A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…
  ☆45Updated last year
• volexity / hwp-extract
  A library and cli tool to extract HWP files.
  ☆20Updated 2 months ago
• slyd0g / SwiftLiverpool
  Enumerate Location Services using CoreLocation API on macOS
  ☆18Updated 3 years ago
• KasperskyLab / Apihashes
  IDA Pro plugin for recognizing known hashes of API function names
  ☆81Updated 2 years ago
• williballenthin / viv-utils
  Utilities for working with vivisect
  ☆25Updated 3 weeks ago
• cube0x8 / ChromeRagamuffin
  Google Chrome internals analysis using Volatility
  ☆42Updated 2 years ago
• Paul-Tew / lifer
  Windows link file (shortcuts) examiner
  ☆68Updated 9 months ago
• abrignoni / WLEAPP
  WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
  ☆30Updated last year
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆47Updated last year
• shamrockhoax / mazedecoder
  ☆28Updated 4 years ago
• sumeshi / ntfsdump
  An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.
  ☆21Updated last year
• msuhanov / ntfs-samples
  NTFS samples
  ☆25Updated 4 years ago
• JPCERTCC / etw-scan
  ETW forensic tool for Volatility3 plugin
  ☆11Updated 4 months ago
• 4n6ist / mssql_4n6
  Parsers for .mdf file of Microsoft SQL Server (MSSQL)
  ☆15Updated 5 years ago
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆40Updated 5 years ago
• g-les / floss2yar
  ☆15Updated 2 years ago
• EricZimmerman / WxTCmd
  ☆19Updated 2 months ago