lnk_parser is a full rust implementation to parse windows LNK files
☆23Feb 17, 2026Updated 2 weeks ago
Alternatives and similar repositories for lnk_parser
Users that are interested in lnk_parser are comparing it to the libraries listed below
Sorting:
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- A Rust library for parsing and writing MS Shell Links (shortcuts, *.lnk)☆32Sep 2, 2025Updated 6 months ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆42Sep 21, 2023Updated 2 years ago
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser☆44Feb 21, 2026Updated last week
- A Dissect module implementing a parser for Microsofts Extensible Storage Engine Database (ESEDB), used for example in Active Directory, E…☆24Nov 20, 2025Updated 3 months ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.☆23Oct 31, 2018Updated 7 years ago
- NTAPI hook bypass with (semi) legit stack trace☆19May 9, 2023Updated 2 years ago
- isodump - ISO dump utility☆41Jun 9, 2019Updated 6 years ago
- ☆24Mar 12, 2025Updated 11 months ago
- USN to JSON☆22Apr 4, 2020Updated 5 years ago
- Registry Explorer bookmark definitions☆44Dec 19, 2024Updated last year
- ☆13Feb 25, 2023Updated 3 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- Dll hijack -- just one macro☆13Jul 3, 2023Updated 2 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- snake-core - the real snake☆15Jul 11, 2023Updated 2 years ago
- This library provides functionality for fetching and parsing information about Common Vulnerabilities and Exposures (CVE) using the NIST …☆14May 11, 2023Updated 2 years ago
- Malware Analysis tools☆26Sep 14, 2024Updated last year
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.☆31Nov 6, 2023Updated 2 years ago
- A parser for the MFT (Master File Table) format☆156Jan 3, 2026Updated 2 months ago
- Assorted BloodHound Cypher queries/tricks I haven't seen in other cheat sheets☆12Jun 21, 2021Updated 4 years ago
- Safe Rust API to libesedb☆12Sep 10, 2025Updated 5 months ago
- Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pen…☆13May 11, 2023Updated 2 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Microsoft Compound File Binary (CFB) file format Python IO☆15Feb 20, 2026Updated 2 weeks ago
- A basic Terraform configuration for provisioning simple red team infrastructure in DigitalOcean☆12May 5, 2021Updated 4 years ago
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆90Aug 12, 2025Updated 6 months ago
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.☆30Jan 9, 2025Updated last year
- Regipy is an os independent python library for parsing offline registry hives☆266Jan 22, 2026Updated last month
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆78Jan 9, 2024Updated 2 years ago
- Python bindings for https://github.com/omerbenamram/evtx/☆55Jan 3, 2026Updated 2 months ago
- ReviveIT (revit) is a proof of concept file recovery tool (carver)☆13Dec 3, 2020Updated 5 years ago