Alternatives and similar repositories for forensic-rs

Users that are interested in forensic-rs are comparing it to the libraries listed below

• elastic / Silhouette
  Keep it secret, keep it safe
  ☆79Updated 9 months ago
• AbdulRhmanAlfaifi / lnk_parser
  lnk_parser is a full rust implementation to parse windows LNK files
  ☆22Updated 4 months ago
• WithSecureLabs / tau-engine
  A document tagging library
  ☆30Updated 7 months ago
• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆98Updated last week
• secur30nly / netuser-rs
  Rust bindings to Microsoft Windows users / groups management API
  ☆34Updated 2 years ago
• airbus-cert / minusone
  Powershell Linter
  ☆86Updated last week
• JPCERTCC / etw-scan
  ETW forensic tool for Volatility3 plugin
  ☆16Updated last year
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆78Updated last year
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆72Updated 6 months ago
• vobst / BPFVol3
  Linux BPF plugins for Volatility3
  ☆24Updated last year
• 0xor0ne / recmd
  Remote Command executor
  ☆81Updated 2 years ago
• RussianPanda95 / Configuration_extractors
  Configuration Extractors for Malware
  ☆119Updated 7 months ago
• omerbenamram / winstructs
  Parsers for common structures across windows formats.
  ☆12Updated 2 years ago
• dobin / DetonatorAgent
  Detonate malware on VMs and get logs & detection status
  ☆65Updated last week
• MythicAgents / apfell
  JavaScript for Automation (JXA) macOS agent
  ☆88Updated last month
• BinaryDefense / GhidraRustDependenciesExtractor
  Ghidra script for extracting embedded Rust crate dependency strings from a compiled Rust binary
  ☆30Updated 3 years ago
• WhiteBeamSec / WhiteBeam
  WhiteBeam: Transparent endpoint security
  ☆101Updated 2 years ago
• volexity / GoResolver
  GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…
  ☆75Updated 3 months ago
• jstrosch / FLARE-VM-configs
  These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help stream…
  ☆15Updated last year
• referefref / Rusty-Telephone
  Exfiltrate data over audio output from remote desktop sessions - Covert channel PoC
  ☆64Updated 11 months ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆53Updated 10 months ago
• Peco602 / rusthunter
  RustHunter is a modular incident response framework based on Rust and Ansible to build and compare environmental baselines.
  ☆18Updated last week
• yamakadi / houdini
  A rust library that allows you to delete your executable while it's running.
  ☆90Updated 2 years ago
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆118Updated 2 years ago
• tstromberg / sunlight
  Linux #rootkit and #malware revealer
  ☆28Updated last year
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆43Updated last year
• FarghlyMal / Config-Extractors
  ☆27Updated 11 months ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated 2 years ago
• D4RK-R4BB1T / BlackBasta-Chats
  ☆49Updated 9 months ago
• brokensound77 / LoFP
  Living off the False Positive!
  ☆40Updated 9 months ago