Alternatives and similar repositories for rifiuti2:

Users that are interested in rifiuti2 are comparing it to the libraries listed below

• jschicht / UsnJrnl2Csv
  Parser for $UsnJrnl on NTFS
  ☆110Updated 2 years ago
• yanncam / exe2powershell
  exe2powershell - exe2bat reborn for modern Windows
  ☆172Updated 4 years ago
• jschicht / RawCopy
  Commandline low level file extractor for NTFS
  ☆284Updated 5 years ago
• 3gstudent / Eventlogedit-evtx--Evolution
  Remove individual lines from Windows XML Event Log (EVTX) files
  ☆267Updated 3 years ago
• fox-it / danderspritz-evtx
  Parse evtx files and detect use of the DanderSpritz eventlogedit module
  ☆148Updated 7 years ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆220Updated 4 years ago
• p0w3rsh3ll / AutoRuns
  🚀AutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitima…
  ☆267Updated 2 months ago
• EricZimmerman / LECmd
  Lnk Explorer Command line edition!!
  ☆293Updated 2 months ago
• williballenthin / shellbags
  Cross-platform, open-source shellbag parser
  ☆150Updated 2 years ago
• decalage2 / oledump-contrib
  The oledump-contrib repository contains plugins and enhancements for the oledump tool published by Didier Stevens.
  ☆52Updated 8 years ago
• trustedsec / tscopy
  ☆90Updated 2 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆134Updated 2 years ago
• csababarta / ntdsxtract
  Active Directory forensic framework
  ☆324Updated 3 years ago
• cyberark / ketshash
  A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
  ☆169Updated last month
• ionescu007 / SpecuCheck
  SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-20…
  ☆573Updated 5 years ago
• arizvisa / windows-binary-tools
  Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, wa…
  ☆139Updated 2 months ago
• jschicht / ExtractUsnJrnl
  Tool to extract the $UsnJrnl from an NTFS volume
  ☆107Updated 5 years ago
• SadProcessor / SomeStuff
  Some PowerShell Stuff
  ☆282Updated 2 years ago
• pwndizzle / CodeExecutionOnWindows
  A list of ways to execute code on Windows using legitimate Windows tools
  ☆306Updated 5 years ago
• r4wd3r / RID-Hijacking
  Windows RID Hijacking persistence technique
  ☆172Updated 4 months ago
• GoSecure / DLLPasswordFilterImplant
  DLL Password Filter Implant with Exfiltration Capabilities
  ☆136Updated 5 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆209Updated 2 weeks ago
• travisfoley / dfirtriage
  Digital forensic acquisition tool for Windows based incident response.
  ☆338Updated 10 months ago
• Cn33liz / MSBuildShell
  MSBuildShell, a Powershell Host running within MSBuild.exe
  ☆287Updated 5 years ago
• quarkslab / quarkspwdump
  Dump various types of Windows credentials without injecting in any process.
  ☆426Updated 2 years ago
• R3MRUM / PSDecode
  PowerShell script for deobfuscating encoded PowerShell scripts
  ☆425Updated 4 years ago
• netwrix / poshkatz
  PowerShell module for Mimikatz
  ☆212Updated 5 years ago
• mattifestation / WMI_Backdoor
  A PoC WMI backdoor presented at Black Hat 2015
  ☆273Updated 9 years ago
• sailay1996 / UAC_bypass_windows_store
  Windows 10 LPE (UAC Bypass) in Windows Store (WSReset.exe)
  ☆263Updated 5 years ago
• sud0woodo / DCOMrade
  Powershell script for enumerating vulnerable DCOM Applications
  ☆256Updated 6 years ago