Alternatives and similar repositories for Regshot:

Users that are interested in Regshot are comparing it to the libraries listed below

• EricZimmerman / PECmd
  Prefetch Explorer Command Line
  ☆243Updated last month
• d4rksystem / VBoxCloak
  A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …
  ☆286Updated last year
• jschicht / Mft2Csv
  Extract $MFT record info and log it to a csv file.
  ☆264Updated 4 months ago
• ArsenalRecon / Arsenal-Image-Mounter
  Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows.
  ☆566Updated last week
• thewhiteninja / ntfstool
  Forensics tool for NTFS (parser, mft, bitlocker, deleted files)
  ☆500Updated last year
• EricZimmerman / LECmd
  Lnk Explorer Command line edition!!
  ☆290Updated last month
• AveYo / LeanAndMean
  snippets for power users
  ☆304Updated 3 weeks ago
• Sysinternals / sysinternals
  Content for sysinternals.com
  ☆71Updated 5 years ago
• DanysysTeam / PS-SFTA
  PowerShell Set File Type Association
  ☆295Updated 2 years ago
• d4rksystem / VMwareCloak
  A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…
  ☆337Updated last month
• EricZimmerman / MFTECmd
  Parses $MFT from NTFS file systems
  ☆221Updated 2 weeks ago
• henrypp / errorlookup
  Simple tool for retrieving information about Windows errors codes.
  ☆272Updated this week
• p0w3rsh3ll / AutoRuns
  🚀AutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitima…
  ☆265Updated last month
• kacos2000 / MFT_Browser
  $MFT directory tree reconstruction & FILE record info
  ☆298Updated 4 months ago
• m417z / winbindex
  An index of Windows binaries, including download links for executables such as exe, dll and sys files
  ☆634Updated this week
• damienvanrobaeys / Run-in-Sandbox
  Run PS1, VBS, CMD, EXE, MSI, Intunewin, MSIX, or extract ISO, ZIP in Windows Sandbox very quickly just from a right-click
  ☆800Updated 6 months ago
• Velocidex / WinPmem
  The multi-platform memory acquisition tool.
  ☆752Updated 3 months ago
• moaistory / WinSearchDBAnalyzer
  http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html
  ☆121Updated 7 months ago
• Psmths / windows-forensic-artifacts
  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
  ☆324Updated 6 months ago
• Malandrone / PowerDecode
  PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…
  ☆172Updated 10 months ago
• LETHAL-FORENSICS / MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆588Updated last week
• kacos2000 / Win10
  Win 10/11 related research
  ☆184Updated last year
• AndyFul / Hard_Configurator
  GUI to Manage Software Restriction Policies and harden Windows Home OS
  ☆520Updated last month
• keydet89 / RegRipper3.0
  RegRipper3.0
  ☆579Updated 2 months ago
• MScholtes / Win-PS2EXE
  Graphical frontend to PS1-to-EXE-compiler PS2EXE.ps1
  ☆312Updated last year
• wolfram77web / app-peid
  PEiD detects most common packers, cryptors and compilers for PE files.
  ☆269Updated 7 years ago
• EricZimmerman / JumpList
  ☆113Updated last month
• Squiblydoo / debloat
  A GUI and CLI tool for removing bloat from executables
  ☆383Updated last month
• atlantsecurity / windows-hardening-scripts
  Windows 10/11 hardening scripts
  ☆243Updated 2 months ago
• damienvanrobaeys / Windows_Sandbox_Editor
  Generate and manage your windows sandbox
  ☆167Updated 3 years ago