Forensic framework to build tools that can be reused in multiple projects without changing anything
☆31Oct 17, 2025Updated 4 months ago
Alternatives and similar repositories for forensic-rs
Users that are interested in forensic-rs are comparing it to the libraries listed below
Sorting:
- Scanner for certain IoCs☆11Jan 29, 2025Updated last year
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- A cross platform forensic parser written in Rust!☆101Updated this week
- ☆537Updated this week
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Framework definitions that allow to build a custom SIEM.☆28Sep 23, 2024Updated last year
- Safe Rust API to libesedb☆12Sep 10, 2025Updated 5 months ago
- A simple trap for web crawlers☆12Aug 2, 2023Updated 2 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 4 months ago
- A library to parse macOS LoginItems☆18Aug 28, 2022Updated 3 years ago
- A Windows registry file parser written in Rust☆41Oct 30, 2025Updated 4 months ago
- Linux rust keylogger☆18Mar 1, 2024Updated 2 years ago
- Rust bindings for VirusTotal/Yara☆80Nov 19, 2025Updated 3 months ago
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Feb 11, 2026Updated 3 weeks ago
- Python API for the LimaCharlie.io service.☆21Feb 26, 2026Updated last week
- Event Tracing for Windows EDR bypass in Rust (usermode)☆39Jun 9, 2024Updated last year
- Get the process name or process id on windows☆20Jun 1, 2025Updated 9 months ago
- lnk_parser is a full rust implementation to parse windows LNK files☆23Feb 17, 2026Updated 2 weeks ago
- onigiri - remote malware triage script☆24Nov 5, 2015Updated 10 years ago
- A cross platform C2 server written in Rust!☆51Feb 3, 2026Updated last month
- acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.☆117Feb 25, 2026Updated last week
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆37Mar 13, 2016Updated 9 years ago
- A dataset with CloudTrail events from an attack simulation using Stratus.☆25Jul 12, 2023Updated 2 years ago
- Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust☆86Jun 4, 2024Updated last year
- ☆35Aug 4, 2018Updated 7 years ago
- ☆28Jul 5, 2025Updated 7 months ago
- ☆34Jul 16, 2020Updated 5 years ago
- A DFIR tool to analyze artifacts on macOS☆35Jan 18, 2021Updated 5 years ago
- A Java Entity-Component-System game engine.☆11Dec 24, 2019Updated 6 years ago
- Go Lang Portable Executable Parser☆39Mar 31, 2021Updated 4 years ago
- A parser for the MFT (Master File Table) format☆156Jan 3, 2026Updated 2 months ago
- APISearch Plugin (x64) - A Plugin For x64dbg☆43Jul 17, 2018Updated 7 years ago
- A clone of FD (File & Directory tool) by T.Shirai☆16Jan 29, 2014Updated 12 years ago
- Powershell to read ETL file on an interval and convert it to an EVTX (so Windows Event Forwarding can 'subscribe')☆11May 16, 2017Updated 8 years ago
- 2D game engine for Common Lisp☆12Jun 5, 2012Updated 13 years ago
- Minimal C port of UTF8-CPP☆12Jun 2, 2019Updated 6 years ago