Multi-quarantine extractor
☆56Mar 3, 2026Updated 2 months ago
Alternatives and similar repositories for maldump
Users that are interested in maldump are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Dump quarantined files from Windows Defender☆78Apr 6, 2022Updated 4 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Documentation and parsers for different anti-virus quarantine formats.☆43Dec 9, 2020Updated 5 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- ☆23Mar 12, 2025Updated last year
- A tool for fetching DFIR and other GitHub tools.☆29Aug 2, 2025Updated 9 months ago
- Windows Forensics Salt States☆22Updated this week
- Publicly shareable windows event log message data☆29Nov 29, 2019Updated 6 years ago
- ☆18Mar 26, 2024Updated 2 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated 2 years ago
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆18Sep 3, 2024Updated last year
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files☆21Aug 3, 2024Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Python script for parsing ESET (NOD32) virlog.dat file.☆14Sep 28, 2017Updated 8 years ago
- Python web app for previewing data in a Chrome Profile Folder☆26Jul 1, 2024Updated last year
- ☆28Oct 15, 2025Updated 7 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆90Feb 9, 2025Updated last year
- A GeoIP lookup utility utilizing ipinfo.io services.☆30Dec 1, 2023Updated 2 years ago
- A series of python scripts to extract information from SQLite Data Files☆21Nov 15, 2025Updated 6 months ago
- Read Registry.pol files on Linux, or anywhere Python runs!☆17Jun 12, 2023Updated 2 years ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆198Oct 29, 2025Updated 6 months ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆22Sep 30, 2022Updated 3 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Forensic Imaging quickstarts!☆14Aug 12, 2022Updated 3 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆211Sep 15, 2021Updated 4 years ago
- Cast is an installer for any compatible Saltstack based distribution like SIFT or REMnux☆138May 18, 2026Updated last week
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆34Jun 27, 2025Updated 10 months ago
- RegRipper4.0☆99Dec 10, 2025Updated 5 months ago
- Quick ESXi Log Parser☆31Oct 20, 2025Updated 7 months ago
- USN Journal full path builder☆69Apr 16, 2026Updated last month
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆108Mar 12, 2026Updated 2 months ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆27Jan 2, 2023Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- This is to edit a training forensic image file (raw/dd) and zero out all the unnecessary files.☆11Jun 21, 2025Updated 11 months ago
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Praser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery …☆21Jul 18, 2023Updated 2 years ago
- Crack base64(sha256(username)) hash from Microsoft Event ID 1029☆24Aug 4, 2023Updated 2 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆59Jun 24, 2025Updated 11 months ago
- ☆18Mar 26, 2025Updated last year
- Vault of Windows Registry forensic artifacts☆30Nov 12, 2025Updated 6 months ago