Alternatives and similar repositories for LnkParse3

Users that are interested in LnkParse3 are comparing it to the libraries listed below

• pan-unit42 / dotnetfile
  ☆104Updated last year
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆101Updated last month
• libyal / winreg-kb
  Windows Registry Knowledge Base
  ☆174Updated 7 months ago
• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆180Updated last year
• jsecurity101 / TelemetrySource
  ☆247Updated last year
• JPCERTCC / Windows-Symbol-Tables
  Windows symbol tables for Volatility 3
  ☆86Updated 10 months ago
• EricZimmerman / LECmd
  Lnk Explorer Command line edition!!
  ☆308Updated 4 months ago
• thewhiteninja / deobshell
  Powershell script deobfuscation using AST in Python
  ☆66Updated last year
• EricZimmerman / AppCompatCacheParser
  AppCompatCache (shimcache) parser. Supports Windows 7 (x86 and x64), Windows 8.x, and Windows 10
  ☆117Updated 4 months ago
• kacos2000 / MFT_Browser
  $MFT directory tree reconstruction & FILE record info
  ☆305Updated 7 months ago
• RussianPanda95 / Yara-Rules
  Repository of Yara Rules
  ☆111Updated last month
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆118Updated last week
• NUKIB / maldump
  Multi-quarantine extractor
  ☆47Updated last month
• jsecurity101 / JonMon
  ☆223Updated 4 months ago
• EricZimmerman / MFT
  MFT parser
  ☆67Updated 4 months ago
• knez / defender-dump
  Dump quarantined files from Windows Defender
  ☆63Updated 3 years ago
• LETHAL-FORENSICS / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆240Updated 2 months ago
• elastic / labs-releases
  Elastic Security Labs releases
  ☆66Updated 2 weeks ago
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆114Updated 2 years ago
• strozfriedberg / cobaltstrike-config-extractor
  Cobalt Strike Beacon configuration extractor and parser.
  ☆153Updated 3 years ago
• mgeeky / msidump
  MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.
  ☆212Updated 2 years ago
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆99Updated 11 months ago
• EricZimmerman / MFTECmd
  Parses $MFT from NTFS file systems
  ☆243Updated last month
• GDATAAdvancedAnalytics / winreg-tasks
  ☆19Updated 2 years ago
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆113Updated 2 years ago
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆83Updated last year
• ExaTrack / Kdrill
  Python tool to check rootkits in Windows kernel
  ☆196Updated 3 months ago
• EricZimmerman / RECmd
  Command line access to the Registry
  ☆147Updated last month
• jschicht / SetMace
  Manipulate timestamps on NTFS
  ☆51Updated 10 years ago
• elastic / die-python
  Native Python3 bindings for @horsicq's Detect-It-Easy
  ☆68Updated 3 weeks ago