RobinDavid / pyADS
Python module to manipulate NTFS Alternate Data Stream (ADS) in Python
☆57Updated 6 years ago
Alternatives and similar repositories for pyADS:
Users that are interested in pyADS are comparing it to the libraries listed below
- Static analysis tools for Microsoft Office Open XML files and documents☆69Updated 7 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆108Updated 4 years ago
- Windows Shortcut file (LNK) parser☆134Updated 2 years ago
- Python script to parse the NTFS USN Journal☆110Updated 2 years ago
- Utility to retrieve the Master File Table (MFT) from a live running NTFS volume and send it to a netcat listener.☆40Updated 10 years ago
- Windows link file (shortcuts) examiner☆68Updated 10 months ago
- Extract GUIDs from .NET assemblies☆21Updated 8 years ago
- ☆18Updated 11 years ago
- Open source Python library for NTFS analysis☆80Updated 7 years ago
- Javascript deobfuscation tool☆17Updated 7 years ago
- Windows Thingies in Python for live use.☆24Updated 6 years ago
- This project is a lightweight wrapper for interacting with WMI using python/ctypes☆38Updated 6 years ago
- This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.☆77Updated 2 years ago
- ☆53Updated 4 years ago
- Various DFIR Tools☆26Updated 6 years ago
- Powerful commandline $MFT record editor.☆23Updated 9 years ago
- Digital Forensics Windows Registry (dfWinReg)☆51Updated 4 months ago
- Extract compressed memory pages from page-aligned data☆45Updated 6 years ago
- Yet another registry parser☆132Updated 3 years ago
- A Windows Event Processing Utility☆46Updated 7 years ago
- Basic file metadata gathering script☆21Updated 2 weeks ago
- ☆82Updated 5 years ago
- Yet another Python library to read and write PE/PE+ files.☆80Updated 8 years ago
- Windows DPAPI laboratory☆91Updated 7 years ago
- Discover TimeDateStamps In PE File☆17Updated 9 years ago
- Recurse through a registry, identifying values with large data -- a registry malware hunter☆45Updated 8 years ago
- Capture-Py is a malware analysis tool that makes a copy of any files deleted or modified in a given directory and sub-directories. It was…☆23Updated 7 years ago
- Smart DLL execution for malware analysis in sandbox systems☆143Updated 10 years ago
- NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl☆37Updated 8 years ago
- Command line $MFT record decoder☆11Updated 7 years ago