Alternatives and similar repositories for pyADS

Users that are interested in pyADS are comparing it to the libraries listed below

• jschicht / PowerMft
  Powerful commandline $MFT record editor.
  ☆24Updated 9 years ago
• fireeye / cWMI
  This project is a lightweight wrapper for interacting with WMI using python/ctypes
  ☆38Updated 6 years ago
• fbruzzaniti / Capture-Py
  Capture-Py is a malware analysis tool that makes a copy of any files deleted or modified in a given directory and sub-directories. It was…
  ☆23Updated 8 years ago
• cylance / GetNETGUIDs
  Extract GUIDs from .NET assemblies
  ☆21Updated 9 years ago
• jeffbryner / pyMFTGrabber
  Utility to retrieve the Master File Table (MFT) from a live running NTFS volume and send it to a netcat listener.
  ☆40Updated 10 years ago
• seanthegeek / routetor
  A socket server for routing specific source addresses through Tor
  ☆9Updated 9 years ago
• JohnLaTwC / MacroJob
  Proof of concept VBA code to add to Normal.dot to put restrictions on Word
  ☆41Updated 8 years ago
• zacbrown / PowerShellMethodAuditor
  PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
  ☆38Updated 7 years ago
• matthewdunwoody / PS_logging_reg
  A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed
  ☆16Updated 9 years ago
• tildedennis / malware
  ☆43Updated 6 years ago
• Paul-Tew / lifer
  Windows link file (shortcuts) examiner
  ☆68Updated last year
• zacbrown / hiddentreasure-etw-demo
  Basic demo for Hidden Treasure talk.
  ☆49Updated 7 years ago
• techbliss / Yara_Mailware_Quick_menu_scanner
  Work Fast With the pattern matching swiss knife for malware researchers.
  ☆38Updated 9 years ago
• Rurik / FileInfo
  Basic file metadata gathering script
  ☆21Updated 2 months ago
• fr0gger / SuperPeHasher
  SuperPeHasher is a wrapper for several hash algorithms dedicated to PE file.
  ☆28Updated 3 years ago
• Rurik / PE_Carver
  Carves EXEs from given data files, using intelligent carving based upon PE headers
  ☆39Updated 8 years ago
• zacbrown / PowerKrabsEtw
  PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.
  ☆103Updated 4 years ago
• dnlongen / RegLister
  Recurse through a registry, identifying values with large data -- a registry malware hunter
  ☆44Updated 8 years ago
• NTFSparse / ntfs_parse
  NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl
  ☆37Updated 8 years ago
• dfirfpi / dpapilab
  Windows DPAPI laboratory
  ☆91Updated 7 years ago
• williballenthin / python-evt
  Pure Python parser for classic Windows Event Log files (.evt)
  ☆50Updated 2 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆136Updated 2 years ago
• grierforensics / officedissector
  Static analysis tools for Microsoft Office Open XML files and documents
  ☆70Updated 7 years ago
• mattifestation / MSFTTraceMessageFormat
  All TMF files that I extracted from Microsoft PDBs.
  ☆13Updated 6 years ago
• DissectMalware / MalwareCMDMonitor
  Shows command lines used by latest instances analyzed on Hybrid-Analysis
  ☆43Updated 6 years ago
• matthastings / PSalander
  ☆52Updated 6 years ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆45Updated 6 years ago
• waleedassar / TimeDateStamp
  Discover TimeDateStamps In PE File
  ☆17Updated 9 years ago
• Kafeine / public
  ☆19Updated 6 years ago
• itsreallynick / office-crackros
  Crack your macros like the math pros.
  ☆33Updated 8 years ago