RobinDavid / pyADS

Related projects ⓘ

Alternatives and complementary repositories for pyADS

• jeffbryner / pyMFTGrabber
  Utility to retrieve the Master File Table (MFT) from a live running NTFS volume and send it to a netcat listener.
  ☆40Updated 10 years ago
• jschicht / PowerMft
  Powerful commandline $MFT record editor.
  ☆23Updated 9 years ago
• woanware / JumpLister
  ☆18Updated 11 years ago
• PoorBillionaire / USN-Journal-Parser
  Python script to parse the NTFS USN Journal
  ☆107Updated 2 years ago
• fbruzzaniti / Capture-Py
  Capture-Py is a malware analysis tool that makes a copy of any files deleted or modified in a given directory and sub-directories. It was…
  ☆23Updated 7 years ago
• Paul-Tew / lifer
  Windows link file (shortcuts) examiner
  ☆67Updated 5 months ago
• ignacioj / mftf
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆36Updated 4 months ago
• chadgough / x-tensions
  X-Ways C# X-Tension API
  ☆15Updated 11 years ago
• williballenthin / python-ntfs
  Open source Python library for NTFS analysis
  ☆80Updated 6 years ago
• forensicmatt / PyWindowsThingies
  Windows Thingies in Python for live use.
  ☆24Updated 5 years ago
• pmelson / narc
  ☆54Updated 4 years ago
• grierforensics / officedissector
  Static analysis tools for Microsoft Office Open XML files and documents
  ☆68Updated 7 years ago
• JohnLaTwC / MacroJob
  Proof of concept VBA code to add to Normal.dot to put restrictions on Word
  ☆41Updated 7 years ago
• dnlongen / RegLister
  Recurse through a registry, identifying values with large data -- a registry malware hunter
  ☆44Updated 8 years ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆41Updated 6 years ago
• williballenthin / INDXParse
  Tool suite for inspecting NTFS artifacts.
  ☆216Updated last year
• kslgroup / threadmap
  threadmap plugin for Volatility Foundation
  ☆27Updated 3 years ago
• jschicht / Secure2Csv
  Decode security descriptors in $Secure on NTFS
  ☆20Updated 2 years ago
• RUB-NDS / MS-RMS-Attacks
  Breaking the security of Microsoft's RMS
  ☆53Updated 5 years ago
• mattifestation / MSFTTraceMessageFormat
  All TMF files that I extracted from Microsoft PDBs.
  ☆12Updated 5 years ago
• zacbrown / hiddentreasure-etw-demo
  Basic demo for Hidden Treasure talk.
  ☆49Updated 7 years ago
• mrpapercut / wscript
  ☆81Updated 5 years ago
• PoorBillionaire / Windows-Prefetch-Parser
  Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
  ☆115Updated 5 months ago
• aurel26 / s-4-u-for-windows
  s(4)u for Windows
  ☆48Updated 3 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆134Updated 2 years ago
• williballenthin / LfLe
  Recover event log entries from an image by heurisitically looking for record structures.
  ☆27Updated 9 years ago
• libyal / libagdb
  Library and tools to access the Windows SuperFetch database format
  ☆12Updated 4 months ago
• fireeye / cWMI
  This project is a lightweight wrapper for interacting with WMI using python/ctypes
  ☆37Updated 5 years ago