Alternatives and similar repositories for rifiuti2

Users that are interested in rifiuti2 are comparing it to the libraries listed below

• jschicht / UsnJrnl2Csv
  Parser for $UsnJrnl on NTFS
  ☆117Updated 3 years ago
• arizvisa / windows-binary-tools
  Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, wa…
  ☆148Updated 10 months ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆220Updated 5 years ago
• yanncam / exe2powershell
  exe2powershell - exe2bat reborn for modern Windows
  ☆175Updated 5 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆136Updated 3 years ago
• jschicht / RawCopy
  Commandline low level file extractor for NTFS
  ☆305Updated 6 years ago
• huntresslabs / evading-autoruns
  Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)
  ☆106Updated 4 years ago
• dfirfpi / dpapilab
  Windows DPAPI laboratory
  ☆94Updated 7 years ago
• adamkramer / dll_hijack_detect
  Detects DLL hijacking in running processes on Windows systems
  ☆155Updated 10 years ago
• jschicht / ExtractUsnJrnl
  Tool to extract the $UsnJrnl from an NTFS volume
  ☆108Updated 6 years ago
• trustedsec / tscopy
  ☆94Updated 2 months ago
• mandiant / flashmingo
  Automatic analysis of SWF files based on some heuristics. Extensible via plugins.
  ☆119Updated 6 years ago
• Busindre / dumpzilla
  Extract all forensic interesting information of Firefox, Iceweasel and Seamonkey browsers
  ☆145Updated 4 years ago
• droe / acefile
  read/test/extract ACE 1.0 and 2.0 archives in pure python
  ☆78Updated last year
• kavika13 / RemCom
  Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)
  ☆361Updated 8 years ago
• HarmJ0y / pylnker
  This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.
  ☆80Updated 2 years ago
• ionescu007 / SpecuCheck
  SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-20…
  ☆581Updated 6 years ago
• brandonprry / Potato
  Windows privilege escalation through NTLM Relay and NBNS Spoofing
  ☆52Updated 9 years ago
• limbenjamin / TCPHound
  Win32 utility for auditing TCP connections
  ☆56Updated 5 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆211Updated 8 months ago
• gushmazuko / WinBypass
  Windows UAC Bypass
  ☆98Updated 6 years ago
• 3gstudent / Eventlogedit-evtx--Evolution
  Remove individual lines from Windows XML Event Log (EVTX) files
  ☆271Updated 4 years ago
• GoSecure / DLLPasswordFilterImplant
  DLL Password Filter Implant with Exfiltration Capabilities
  ☆138Updated 5 years ago
• decalage2 / oledump-contrib
  The oledump-contrib repository contains plugins and enhancements for the oledump tool published by Didier Stevens.
  ☆57Updated 9 years ago
• DimopoulosElias / alpc-mmc-uac-bypass
  UAC Bypass with mmc via alpc
  ☆157Updated 6 years ago
• cyberark / ketshash
  A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
  ☆172Updated 9 months ago
• fox-it / danderspritz-evtx
  Parse evtx files and detect use of the DanderSpritz eventlogedit module
  ☆150Updated 7 years ago
• williballenthin / shellbags
  Cross-platform, open-source shellbag parser
  ☆158Updated 2 years ago
• kevthehermit / volatility_plugins
  Volatility Plugins
  ☆64Updated 2 years ago
• williballenthin / python-sdb
  Pure Python parser for Application Compatibility Shim Databases (.sdb files)
  ☆109Updated 4 years ago