Seabreg / Regshot
Regshot is a small, free and open-source registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one, taken after making system changes or installing a new software product.
☆307 Updated 5 years ago
Related projects
Alternatives and complementary repositories for Regshot
- Prefetch Explorer Command Line ☆223 Updated 2 months ago
- Extract $MFT record info and log it to a csv file. ☆259 Updated last month
- Lnk Explorer Command line edition!! ☆277 Updated 5 months ago
- 🚀AutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitima… ☆256 Updated 7 months ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆541 Updated 3 weeks ago
- Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows. ☆525 Updated this week
- Forensics tool for NTFS (parser, mft, bitlocker, deleted files) ☆478 Updated last year
- Content for sysinternals.com ☆65 Updated 5 years ago
- Parses $MFT from NTFS file systems ☆201 Updated this week
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs… ☆161 Updated 6 months ago
- Encyclopedia for Executables ☆417 Updated 3 years ago
- RegRipper3.0 ☆558 Updated 2 weeks ago
- Total Registry - enhanced Registry editor/viewer ☆1,399 Updated last month
- The multi-platform memory acquisition tool. ☆694 Updated this week
- $MFT directory tree reconstruction & FILE record info ☆292 Updated last month
- ☆139 Updated 10 years ago
- This is a fork of Regshot (original found at https://sourceforge.net/projects/regshot/) with very enhanced functionality. ☆66 Updated 3 years ago
- Living Off The Land Drivers ☆1,039 Updated last month
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to … ☆278 Updated last year
- C# based evtx parser with lots of extras ☆282 Updated 2 months ago
- http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html ☆119 Updated 4 months ago
- Event Tracing For Windows (ETW) Resources ☆349 Updated last month
- Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress! ☆279 Updated 3 months ago
- PEiD detects most common packers, cryptors and compilers for PE files. ☆246 Updated 7 years ago
- Copies of my 'Script Center' and 'Technet Gallery' publications ☆365 Updated 2 months ago
- Windows Registry Knowledge Base ☆162 Updated last month
- Module to compile powershell scripts to executables ☆1,256 Updated last month
- Application runtime environment customization utility ☆423 Updated 3 weeks ago
- Commandline low level file extractor for NTFS ☆274 Updated 5 years ago
- A GUI and CLI tool for removing bloat from executables ☆342 Updated last week