Alternatives and similar repositories for forensic-rs

Users that are interested in forensic-rs are comparing it to the libraries listed below

• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆82Updated this week
• WithSecureLabs / tau-engine
  A document tagging library
  ☆30Updated last month
• secur30nly / netuser-rs
  Rust bindings to Microsoft Windows users / groups management API
  ☆33Updated last year
• AbdulRhmanAlfaifi / lnk_parser
  lnk_parser is a full rust implementation to parse windows LNK files
  ☆18Updated 4 months ago
• n4r1b / win-drvutils-rs
  Collection of Windows Driver Utils
  ☆11Updated last year
• djhohnstein / librarian
  Shared library loading application for Linux written in Go.
  ☆16Updated 4 years ago
• marirs / capa-rs
  File Capability Extractor
  ☆13Updated last month
• melotic / nanostorm
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆19Updated 5 months ago
• BinaryDefense / GhidraRustDependenciesExtractor
  Ghidra script for extracting embedded Rust crate dependency strings from a compiled Rust binary
  ☆29Updated 2 years ago
• elastic / Silhouette
  Keep it secret, keep it safe
  ☆77Updated 3 months ago
• herosi / triage-collector
  ☆22Updated 7 months ago
• NextronSystems / gimphash
  Imphash-like calculation on Golang binaries
  ☆49Updated 2 years ago
• vthib / boreal
  Safe and performant YARA rules evaluator in Rust
  ☆48Updated this week
• malsearchs / Static-Reverse-Engineering-SRE
  SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool
  ☆53Updated 4 months ago
• dfir-dd / dionysos
  Scanner for certain IoCs
  ☆11Updated 3 months ago
• malienist / vovk
  Vovk is framework of tools that include a WinDbg extension that generates in-depth YARA rules for malware.
  ☆22Updated 8 months ago
• mtth-bfft / evtq
  Windows eventlog formatting, live fetching and querying utility in C
  ☆18Updated 4 years ago
• 0xThiebaut / Signatures
  🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
  ☆21Updated last year
• PwCUK-CTO / ScatterBee_Analysis
  Scripts to aid analysis of files obfuscated with ScatterBee.
  ☆20Updated 2 years ago
• Abyss-W4tcher / volatility-scripts
  This repository contains a variety of plugins and scripts, related to the Volatility framework.
  ☆13Updated 3 months ago
• Cainor / Calendarinho
  Manage Your Large Team of Consultants
  ☆11Updated 3 months ago
• hashlookup / hashlookup-gui
  Provides a multi-platform Graphical User Interface for hashlookup
  ☆12Updated 10 months ago
• Peco602 / rusthunter
  RustHunter is a modular incident response framework based on Rust and Ansible to build and compare environmental baselines.
  ☆18Updated 2 years ago
• forensicmatt / libtsk-rs
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆11Updated 2 years ago
• JPCERTCC / etw-scan
  ETW forensic tool for Volatility3 plugin
  ☆13Updated 6 months ago
• VHSgunzo / ulexec
  A tool for loading and executing PE on Windows and ELF on Linux from memory written in Rust
  ☆11Updated last month
• sunsetkookaburra / rust-libesedb
  Safe Rust API to libesedb
  ☆10Updated last year
• theflakes / fmd
  Windows file metadata / forensic tool.
  ☆18Updated 8 months ago
• melotic / rekk
  rekk is set of tools written in Rust to obfuscate ELF & PE executables with nanomites.
  ☆31Updated 5 months ago
• ydkhatri / Appx-Analysis
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆16Updated last year