Alternatives and similar repositories for lnk_parser

Users that are interested in lnk_parser are comparing it to the libraries listed below

• omerbenamram / winstructs

  View on GitHub
  Parsers for common structures across windows formats.
  ☆12Aug 23, 2023Updated 2 years ago
• AbdulRhmanAlfaifi / SDSParser-rs

  View on GitHub
  NTFS Security Descriptor Stream ($Secure:$SDS) parser
  ☆14Jan 9, 2023Updated 3 years ago
• forensicmatt / libtsk-rs

  View on GitHub
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆12Jan 10, 2023Updated 3 years ago
• ydkhatri / spotlight_queries

  View on GitHub
  Queries for parsed spotlight database in sqlite
  ☆13Dec 29, 2020Updated 5 years ago
• Cainor / Calendarinho

  View on GitHub
  Manage Your Large Team of Consultants
  ☆11Sep 18, 2025Updated 4 months ago
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• AbdulRhmanAlfaifi / Rhaegal

  View on GitHub
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆42Sep 21, 2023Updated 2 years ago
• kacos2000 / Jumplist-Browser

  View on GitHub
  Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser
  ☆41Feb 25, 2024Updated last year
• fox-it / dissect.esedb

  View on GitHub
  A Dissect module implementing a parser for Microsofts Extensible Storage Engine Database (ESEDB), used for example in Active Directory, E…
  ☆24Nov 20, 2025Updated 2 months ago
• ExabeamLabs / Synopsis

  View on GitHub
  Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.
  ☆22Oct 31, 2018Updated 7 years ago
• x0reaxeax / SyscallHookBypass

  View on GitHub
  NTAPI hook bypass with (semi) legit stack trace
  ☆18May 9, 2023Updated 2 years ago
• evild3ad / isodump

  View on GitHub
  isodump - ISO dump utility
  ☆41Jun 9, 2019Updated 6 years ago
• forensicmatt / RustyUsn

  View on GitHub
  USN to JSON
  ☆22Apr 4, 2020Updated 5 years ago
• 00010111 / gMetaDataParse

  View on GitHub
  ☆24Mar 12, 2025Updated 11 months ago
• EricZimmerman / RegistryExplorerBookmarks

  View on GitHub
  Registry Explorer bookmark definitions
  ☆44Dec 19, 2024Updated last year
• florylsk / AmsiBypass123

  View on GitHub
  ☆13Feb 25, 2023Updated 2 years ago
• dwmetz / Axiom-PowerShell

  View on GitHub
  PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.
  ☆12Aug 26, 2024Updated last year
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• WithSecureLabs / snake-core

  View on GitHub
  snake-core - the real snake
  ☆15Jul 11, 2023Updated 2 years ago
• mandiant / vbScript_deobfuscator

  View on GitHub
  Help deobfuscate VBScript
  ☆18Jul 1, 2022Updated 3 years ago
• b1-team / dll-hijack

  View on GitHub
  Dll hijack -- just one macro
  ☆12Jul 3, 2023Updated 2 years ago
• viniciuspereiras / cveutils

  View on GitHub
  This library provides functionality for fetching and parsing information about Common Vulnerabilities and Exposures (CVE) using the NIST …
  ☆14May 11, 2023Updated 2 years ago
• lasq88 / MalwareAnalysis

  View on GitHub
  Malware Analysis tools
  ☆26Sep 14, 2024Updated last year
• Hestat / calamity

  View on GitHub
  A script to assist in processing forensic RAM captures for malware triage
  ☆26Feb 4, 2021Updated 5 years ago
• jasonsford / intel_collector

  View on GitHub
  Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.
  ☆31Nov 6, 2023Updated 2 years ago
• omerbenamram / mft

  View on GitHub
  A parser for the MFT (Master File Table) format
  ☆155Jan 3, 2026Updated last month
• sunsetkookaburra / rust-libesedb

  View on GitHub
  Safe Rust API to libesedb
  ☆12Sep 10, 2025Updated 5 months ago
• b1gbroth3r / red-team-infrastructure-example

  View on GitHub
  A basic Terraform configuration for provisioning simple red team infrastructure in DigitalOcean
  ☆12May 5, 2021Updated 4 years ago
• rembish / cfb

  View on GitHub
  Microsoft Compound File Binary (CFB) file format Python IO
  ☆15Aug 27, 2014Updated 11 years ago
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• knavesec / BloodHound-Custom-Queries

  View on GitHub
  Assorted BloodHound Cypher queries/tricks I haven't seen in other cheat sheets
  ☆12Jun 21, 2021Updated 4 years ago
• Nariod / ronflex

  View on GitHub
  Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pen…
  ☆13May 11, 2023Updated 2 years ago
• MagnetForensics / Magnet-RESPONSE-PowerShell

  View on GitHub
  PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.
  ☆29Jan 9, 2025Updated last year
• mkorman90 / regipy

  View on GitHub
  Regipy is an os independent python library for parsing offline registry hives
  ☆266Jan 22, 2026Updated 3 weeks ago
• brimorlabs / KStrike

  View on GitHub
  Stand-alone parser for User Access Logging from Server 2012 and newer systems
  ☆78Jan 9, 2024Updated 2 years ago
• ydkhatri / macOS_FE

  View on GitHub
  Tools for macOS Forensic Bootable media
  ☆15May 20, 2020Updated 5 years ago
• KarmaPenny / pdfparser

  View on GitHub
  PDF Parser is a command line tool and go library for analyzing PDF files.
  ☆14Jan 25, 2024Updated 2 years ago
• k3idii / ION

  View on GitHub
  Indicators of Normality
  ☆11Jul 22, 2022Updated 3 years ago
• mandiant / ARDvark

  View on GitHub
  ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.
  ☆36Jun 1, 2023Updated 2 years ago