Alternatives and similar repositories for Regshot

Users that are interested in Regshot are comparing it to the libraries listed below

• EricZimmerman / PECmd
  Prefetch Explorer Command Line
  ☆258Updated 4 months ago
• thewhiteninja / ntfstool
  Forensics tool for NTFS (parser, mft, bitlocker, deleted files)
  ☆520Updated last year
• EricZimmerman / LECmd
  Lnk Explorer Command line edition!!
  ☆308Updated 4 months ago
• kacos2000 / MFT_Browser
  $MFT directory tree reconstruction & FILE record info
  ☆305Updated 8 months ago
• ArsenalRecon / Arsenal-Image-Mounter
  Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows.
  ☆610Updated last week
• henrypp / errorlookup
  Simple tool for retrieving information about Windows errors codes.
  ☆284Updated 3 weeks ago
• atlantsecurity / windows-hardening-scripts
  Windows 10/11 hardening scripts
  ☆252Updated 5 months ago
• jschicht / Mft2Csv
  Extract $MFT record info and log it to a csv file.
  ☆271Updated 8 months ago
• skydive241 / Regshot-Advanced
  This is a fork of Regshot (original found at https://sourceforge.net/projects/regshot/) with very enhanced functionality.
  ☆76Updated 4 years ago
• LETHAL-FORENSICS / MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆629Updated 2 months ago
• EricZimmerman / MFTECmd
  Parses $MFT from NTFS file systems
  ☆243Updated last month
• SafeBreach-Labs / WindowsDowndate
  A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
  ☆666Updated 7 months ago
• Psmths / windows-forensic-artifacts
  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
  ☆357Updated 9 months ago
• keydet89 / RegRipper3.0
  RegRipper3.0
  ☆612Updated 5 months ago
• d4rksystem / VMwareCloak
  A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…
  ☆356Updated 4 months ago
• d4rksystem / VBoxCloak
  A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …
  ☆294Updated 2 years ago
• Velocidex / WinPmem
  The multi-platform memory acquisition tool.
  ☆800Updated 6 months ago
• strontic / xcyclopedia
  Encyclopedia for Executables
  ☆444Updated 3 years ago
• libyal / winreg-kb
  Windows Registry Knowledge Base
  ☆174Updated 8 months ago
• AveYo / LeanAndMean
  snippets for power users
  ☆328Updated 4 months ago
• DanysysTeam / PS-SFTA
  PowerShell Set File Type Association
  ☆308Updated 2 years ago
• AveYo / Compressed2TXT
  File(s)/Folder(s) "Send to" menu .bat ascii encoder with optional password and makecab lzx compression
  ☆231Updated 3 years ago
• Sysinternals / sysinternals
  Content for sysinternals.com
  ☆71Updated 5 years ago
• MicrosoftDocs / WDAC-Toolkit
  Documentation and tools to access Windows Defender Application Control (WDAC) technology.
  ☆230Updated this week
• p0w3rsh3ll / AutoRuns
  🚀AutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitima…
  ☆273Updated 5 months ago
• Malandrone / PowerDecode
  PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…
  ☆188Updated last year
• airbus-cert / Winshark
  A wireshark plugin to instrument ETW
  ☆559Updated 3 years ago
• m417z / winapiexec
  A small tool that allows to run WinAPI functions through command line parameters
  ☆195Updated 2 years ago
• zeronetworks / rpcfirewall
  ☆517Updated 5 months ago
• moaistory / WinSearchDBAnalyzer
  http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html
  ☆122Updated 10 months ago