Multi-quarantine extractor
☆52Feb 4, 2026Updated last month
Alternatives and similar repositories for maldump
Users that are interested in maldump are comparing it to the libraries listed below
Sorting:
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 3 years ago
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- Dump quarantined files from Windows Defender☆75Apr 6, 2022Updated 3 years ago
- ☆24Mar 12, 2025Updated 11 months ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆18Sep 3, 2024Updated last year
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files☆21Aug 3, 2024Updated last year
- mister-skinnylegs is an open plugin framework for parsing website/webapp artifacts in browser data. It currently provides a command line …☆18Nov 14, 2025Updated 3 months ago
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago
- Python script for parsing ESET (NOD32) virlog.dat file.☆14Sep 28, 2017Updated 8 years ago
- Windows Forensics Salt States☆21Feb 23, 2026Updated last week
- Python web app for previewing data in a Chrome Profile Folder☆23Jul 1, 2024Updated last year
- A series of python scripts to extract information from SQLite Data Files☆21Nov 15, 2025Updated 3 months ago
- A tool for fetching DFIR and other GitHub tools.☆25Aug 2, 2025Updated 7 months ago
- A Dissect module implementing a parser for Microsofts Extensible Storage Engine Database (ESEDB), used for example in Active Directory, E…☆24Nov 20, 2025Updated 3 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆89Feb 9, 2025Updated last year
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆59Jun 24, 2025Updated 8 months ago
- USN Journal full path builder☆65Sep 16, 2024Updated last year
- Crack base64(sha256(username)) hash from Microsoft Event ID 1029☆23Aug 4, 2023Updated 2 years ago
- Quick ESXi Log Parser☆29Oct 20, 2025Updated 4 months ago
- Cast is an installer for any compatible Saltstack based distribution like SIFT or REMnux☆134Updated this week
- Windows Minidump loader for Ghidra☆29Sep 30, 2022Updated 3 years ago
- Documentation and parsers for different anti-virus quarantine formats.☆42Dec 9, 2020Updated 5 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆107Nov 23, 2022Updated 3 years ago
- The ultimate streamline for Volatility 3. Speed up process of memory artifacts extraction phase☆14Dec 19, 2024Updated last year
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- RegRipper4.0☆84Dec 10, 2025Updated 2 months ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆168Dec 7, 2025Updated 2 months ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆27Jan 2, 2023Updated 3 years ago
- ☆11Jun 12, 2023Updated 2 years ago
- ☆11Mar 12, 2021Updated 4 years ago
- ☆11Aug 3, 2018Updated 7 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- /ˈhäjˌpäj/ "a confused mixture."☆13Feb 26, 2026Updated last week