Alternatives and similar repositories for forensic-rs

Users that are interested in forensic-rs are comparing it to the libraries listed below

• elastic / Silhouette
  Keep it secret, keep it safe
  ☆78Updated 8 months ago
• AbdulRhmanAlfaifi / lnk_parser
  lnk_parser is a full rust implementation to parse windows LNK files
  ☆20Updated 3 months ago
• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆98Updated last week
• WithSecureLabs / tau-engine
  A document tagging library
  ☆30Updated 6 months ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆79Updated last year
• JPCERTCC / etw-scan
  ETW forensic tool for Volatility3 plugin
  ☆16Updated 10 months ago
• RussianPanda95 / Configuration_extractors
  Configuration Extractors for Malware
  ☆113Updated 5 months ago
• WhiteBeamSec / WhiteBeam
  WhiteBeam: Transparent endpoint security
  ☆100Updated 2 years ago
• vobst / BPFVol3
  Linux BPF plugins for Volatility3
  ☆23Updated last year
• airbus-cert / minusone
  Powershell Linter
  ☆83Updated last week
• secur30nly / netuser-rs
  Rust bindings to Microsoft Windows users / groups management API
  ☆34Updated last year
• MalGamy / YARA_Rules
  ☆67Updated 2 years ago
• NextronSystems / gimphash
  Imphash-like calculation on Golang binaries
  ☆49Updated 3 years ago
• MikeHorn-git / WAFS
  Hardened your Windows OS against forensics analysis
  ☆22Updated 10 months ago
• DissectMalware / yaradbg-frontend
  ☆39Updated last year
• Yamato-Security / sigma-to-hayabusa-converter
  Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
  ☆15Updated 3 weeks ago
• RussianPanda95 / Yara-Rules
  Repository of Yara Rules
  ☆123Updated 3 weeks ago
• bobby-tablez / TTP-Threat-Feeds
  Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨
  ☆36Updated last week
• strozfriedberg / QELP
  Quick ESXi Log Parser
  ☆26Updated last month
• fboldewin / YARA_Detection_Engineering
  Detection Engineering with YARA
  ☆87Updated last year
• Velocidex / Linpmem
  Linpmem is a linux memory acquisition tool
  ☆88Updated 3 months ago
• malwaredb / malwaredb-rs
  MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
  ☆53Updated this week
• lxndrblz / forensicsim
  A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea…
  ☆103Updated this week
• Yamato-Security / Presentations
  ☆19Updated 6 months ago
• jstrosch / FLARE-VM-configs
  These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help stream…
  ☆15Updated last year
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆82Updated 2 years ago
• omerbenamram / winstructs
  Parsers for common structures across windows formats.
  ☆12Updated 2 years ago
• StrangerealIntel / Shadow-Pulse
  information about ransomware groups (Ransomware Analysis Notes)
  ☆39Updated last year
• 0xThiebaut / Signatures
  🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
  ☆21Updated last year
• avast / yari
  YARI is an interactive debugger for YARA Language.
  ☆89Updated last month