Seabreg / Regshot
Regshot is a small, free and open-source registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one, taken after making system changes or installing a new software product.
☆361 Updated 5 years ago
Alternatives and similar repositories for Regshot
Users who are interested in Regshot are comparing it to the libraries listed below.
- Prefetch Explorer Command Line ☆254 Updated 4 months ago
- Forensics tool for NTFS (parser, mft, bitlocker, deleted files) ☆516 Updated last year
- Extract $MFT record info and log it to a csv file. ☆270 Updated 7 months ago
- Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows. ☆600 Updated 3 weeks ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆623 Updated 2 months ago
- Lnk Explorer Command line edition!! ☆304 Updated 4 months ago
- Content for sysinternals.com ☆71 Updated 5 years ago
- This is a fork of Regshot (original found at https://sourceforge.net/projects/regshot/) with very enhanced functionality. ☆76 Updated 4 years ago
- RegRipper3.0 ☆602 Updated 5 months ago
- $MFT directory tree reconstruction & FILE record info ☆304 Updated 7 months ago
- An index of Windows binaries, including download links for executables such as exe, dll and sys files ☆654 Updated this week
- The multi-platform memory acquisition tool. ☆790 Updated 5 months ago
- Parses $MFT from NTFS file systems ☆238 Updated last week
- Encyclopedia for Executables ☆440 Updated 3 years ago
- Run a program as TrustedInstaller (SYSTEM) ☆148 Updated last month
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys… ☆351 Updated 3 months ago
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to … ☆294 Updated 2 years ago
- PEiD detects most common packers, cryptors and compilers for PE files. ☆289 Updated 8 years ago
- 🚀AutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitima… ☆270 Updated 4 months ago
- Generate and manage your windows sandbox ☆172 Updated 3 years ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs… ☆187 Updated last year
- Windows 10/11 hardening scripts ☆252 Updated 5 months ago
- A wireshark plugin to instrument ETW ☆558 Updated 3 years ago
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features. ☆220 Updated 11 months ago
- C# based evtx parser with lots of extras ☆306 Updated 3 weeks ago
- A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities ☆664 Updated 6 months ago
- Simple tool for retrieving information about Windows errors codes. ☆283 Updated last week
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip… ☆475 Updated 7 months ago
- Parser for $UsnJrnl on NTFS ☆110 Updated 2 years ago
- PowerShell Set File Type Association ☆307 Updated 2 years ago