Ahmed-AL-Maghraby / Windows-Registry-Analysis-Cheat-SheetView external linksLinks
☆173Aug 25, 2023Updated 2 years ago
Alternatives and similar repositories for Windows-Registry-Analysis-Cheat-Sheet
Users that are interested in Windows-Registry-Analysis-Cheat-Sheet are comparing it to the libraries listed below
Sorting:
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Sep 13, 2023Updated 2 years ago
- A hex viewer for the sleuths!☆20Nov 7, 2025Updated 3 months ago
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Praser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery …☆20Jul 18, 2023Updated 2 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV…☆10Jul 15, 2023Updated 2 years ago
- Web app built to allow digital forensic professionals to search for the forensic tools that will parse artifacts from various apps.☆19Apr 30, 2025Updated 9 months ago
- Contains compiled binaries of Volatility☆36May 18, 2025Updated 8 months ago
- USN Journal full path builder☆65Sep 16, 2024Updated last year
- Harness the power of Splunk for your investigations☆152Oct 11, 2025Updated 4 months ago
- Practical Windows Forensics Training☆740Updated this week
- Vault of Windows Registry forensic artifacts☆26Nov 12, 2025Updated 3 months ago
- Hunt for SQLite files used by various applications☆28Jan 31, 2026Updated 2 weeks ago
- Python script to walk a folder or a zip file for SQLite Databases☆37Sep 20, 2023Updated 2 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆78Oct 20, 2025Updated 3 months ago
- Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!☆51Jan 9, 2026Updated last month
- Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!☆460Aug 13, 2024Updated last year
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆117Jan 26, 2022Updated 4 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆108Nov 23, 2022Updated 3 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…☆11Jun 19, 2025Updated 7 months ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆642Jun 19, 2024Updated last year
- This repo is about Active Directory Advanced Threat Hunting☆649Feb 17, 2025Updated last year
- A tool for fetching DFIR and other GitHub tools.☆25Aug 2, 2025Updated 6 months ago
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser☆42Updated this week
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆89Feb 9, 2025Updated last year
- /ˈhäjˌpäj/ "a confused mixture."☆13Updated this week
- This is to edit a training forensic image file (raw/dd) and zero out all the unnecessary files.☆11Jun 21, 2025Updated 7 months ago
- Search Index Database Reporter☆131Oct 28, 2025Updated 3 months ago
- ☆35Dec 6, 2023Updated 2 years ago
- A small util to brute-force prefetch hashes☆77Jun 24, 2022Updated 3 years ago
- ☆24Mar 12, 2025Updated 11 months ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆33Nov 16, 2023Updated 2 years ago
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h…☆14Jun 21, 2024Updated last year
- Documentation and scripts to properly enable Windows event logs.☆672Oct 3, 2025Updated 4 months ago
- MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs☆754Feb 1, 2026Updated 2 weeks ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 2 years ago
- ☆115Feb 3, 2026Updated 2 weeks ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆110Feb 6, 2026Updated last week