Alternatives and similar repositories for Regshot

Users that are interested in Regshot are comparing it to the libraries listed below

• EricZimmerman / PECmd
  Prefetch Explorer Command Line
  ☆280Updated last year
• thewhiteninja / ntfstool
  Forensics tool for NTFS (parser, mft, bitlocker, deleted files)
  ☆592Updated 2 years ago
• d4rksystem / VBoxCloak
  A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …
  ☆394Updated 7 months ago
• keydet89 / RegRipper3.0
  RegRipper3.0
  ☆681Updated last year
• EricZimmerman / MFTECmd
  Parses $MFT from NTFS file systems
  ☆292Updated 9 months ago
• LETHAL-FORENSICS / MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆693Updated 3 months ago
• Squiblydoo / debloat
  A GUI and CLI tool for removing bloat from executables
  ☆441Updated 7 months ago
• EricZimmerman / LECmd
  Lnk Explorer Command line edition!!
  ☆335Updated last year
• strontic / xcyclopedia
  Encyclopedia for Executables
  ☆472Updated 4 years ago
• ArsenalRecon / Arsenal-Image-Mounter
  Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows.
  ☆700Updated last week
• Velocidex / WinPmem
  The multi-platform memory acquisition tool.
  ☆942Updated 3 months ago
• d4rksystem / VMwareCloak
  A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…
  ☆425Updated last year
• skydive241 / Regshot-Advanced
  This is a fork of Regshot (original found at https://sourceforge.net/projects/regshot/) with very enhanced functionality.
  ☆87Updated 4 years ago
• Sysinternals / sysinternals
  Content for sysinternals.com
  ☆80Updated 6 years ago
• kacos2000 / MFT_Browser
  $MFT directory tree reconstruction & FILE record info
  ☆325Updated last year
• PhrozenIO / DLest
  Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features.
  ☆251Updated last year
• atlantsecurity / windows-hardening-scripts
  Windows 10/11 hardening scripts
  ☆268Updated 2 months ago
• zodiacon / TotalRegistry
  Total Registry - enhanced Registry editor/viewer
  ☆1,579Updated last month
• SafeBreach-Labs / WindowsDowndate
  A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
  ☆696Updated last year
• jschicht / Mft2Csv
  Extract $MFT record info and log it to a csv file.
  ☆284Updated last year
• microsoft / EventLogExpert
  ☆230Updated last week
• m417z / winbindex
  An index of Windows binaries, including download links for executables such as exe, dll and sys files
  ☆753Updated this week
• strontic / strontic.github.io
  Security. Automation. Analytics.
  ☆59Updated 2 years ago
• Psmths / windows-forensic-artifacts
  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
  ☆458Updated last year
• mandiant / VM-Packages
  Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
  ☆215Updated this week
• DanysysTeam / PS-SFTA
  PowerShell Set File Type Association
  ☆354Updated 3 years ago
• PhrozenIO / Arcane
  Arcane - A secure remote desktop application for Windows with the particularity of having a server entirely written in PowerShell and…
  ☆306Updated 6 months ago
• Malandrone / PowerDecode
  PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…
  ☆229Updated last year
• EricZimmerman / evtx
  C# based evtx parser with lots of extras
  ☆340Updated 5 months ago
• wolfram77web / app-peid
  PEiD detects most common packers, cryptors and compilers for PE files.
  ☆327Updated 8 years ago