Seabreg / RegshotLinks
Regshot is a small, free and open-source registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product
☆468Updated 6 years ago
Alternatives and similar repositories for Regshot
Users that are interested in Regshot are comparing it to the libraries listed below
Sorting:
- Prefetch Explorer Command Line☆277Updated last year
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …☆394Updated 6 months ago
- Lnk Explorer Command line edition!!☆334Updated last year
- Forensics tool for NTFS (parser, mft, bitlocker, deleted files)☆584Updated 2 years ago
- Parses $MFT from NTFS file systems☆291Updated 8 months ago
- Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows.☆689Updated last week
- Content for sysinternals.com☆78Updated 6 years ago
- RegRipper3.0☆673Updated last year
- A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities☆697Updated last year
- A GUI and CLI tool for removing bloat from executables☆437Updated 6 months ago
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…☆424Updated 11 months ago
- Windows 10/11 hardening scripts☆267Updated last month
- Encyclopedia for Executables☆465Updated 4 years ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆691Updated 2 months ago
- ☆227Updated last week
- An index of Windows binaries, including download links for executables such as exe, dll and sys files☆742Updated this week
- The multi-platform memory acquisition tool.☆924Updated 3 months ago
- Sysmon configuration file template with default high-quality event tracing☆551Updated this week
- Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!☆445Updated last year
- $MFT directory tree reconstruction & FILE record info☆323Updated last year
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆228Updated last year
- Total Registry - enhanced Registry editor/viewer☆1,570Updated 2 weeks ago
- ☆151Updated 11 years ago
- This is a fork of Regshot (original found at https://sourceforge.net/projects/regshot/) with very enhanced functionality.☆87Updated 4 years ago
- Module to compile powershell scripts to executables☆1,652Updated 4 months ago
- Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.☆453Updated 2 weeks ago
- C# based evtx parser with lots of extras☆340Updated 4 months ago
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features.☆251Updated last year
- Extract $MFT record info and log it to a csv file.☆284Updated last year
- 🚀AutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitima…☆282Updated last year