A lightweight C++/C AFF4 reader library
☆14 · Feb 5, 2026 · Updated 3 weeks ago
Alternatives and similar repositories for aff4-cpp-lite
Users that are interested in aff4-cpp-lite are comparing it to the libraries listed below
- AFF4 Standard Documents ☆29 · Feb 4, 2022 · Updated 4 years ago
- The Python implementation of the AFF4 standard. ☆45 · Nov 13, 2025 · Updated 3 months ago
- Transform EQL detection rules to VQL artifacts ☆12 · Nov 12, 2021 · Updated 4 years ago
- Library and tools to access the GUID Partition Table (GPT) volume system format ☆11 · Dec 20, 2025 · Updated 2 months ago
- ReviveIT (revit) is a proof of concept file recovery tool (carver) ☆13 · Dec 3, 2020 · Updated 5 years ago
- API for bulk_extractor version 1.3 ☆14 · Nov 6, 2025 · Updated 3 months ago
- Copy of the libewf source code that is configured for a 64-bit MS Visual Studio build. ☆17 · Aug 17, 2020 · Updated 5 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019) ☆19 · Feb 26, 2024 · Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk ☆14 · Mar 4, 2019 · Updated 6 years ago
- Python library for parsing AccessData AD1 images ☆33 · Jun 1, 2023 · Updated 2 years ago
- Parser for Sdba memory pool tags ☆21 · Jul 16, 2021 · Updated 4 years ago
- Library and tools to access the Extended File System ☆18 · Feb 1, 2026 · Updated 3 weeks ago
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew. ☆21 · May 19, 2022 · Updated 3 years ago
- Library to process OLE compound file format. This is a work in progress and was initially written for jumplist parsing (for which it does… ☆19 · Feb 2, 2025 · Updated last year
- Lightweight Microsoft OLE file parser in pure Python ☆20 · Oct 17, 2019 · Updated 6 years ago
- An AFF4 C++ implementation. ☆214 · Mar 24, 2023 · Updated 2 years ago
- Manage Your Large Team of Consultants ☆11 · Sep 18, 2025 · Updated 5 months ago
- Forensic Analysis Tool for Btrfs File System. ☆20 · Aug 6, 2018 · Updated 7 years ago
- Decode security descriptors in $Secure on NTFS ☆22 · Feb 24, 2022 · Updated 4 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser ☆24 · Jul 9, 2021 · Updated 4 years ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage. ☆26 · Oct 27, 2019 · Updated 6 years ago
- VM setup for Malware RE labs ☆28 · Apr 26, 2019 · Updated 6 years ago
- ☆23 · May 7, 2021 · Updated 4 years ago
- Bro PCAP Processing and Tagging API ☆28 · Nov 9, 2017 · Updated 8 years ago
- Perform operations on URLs like extracting paths, parameter names and/or values, domain name, host name (without HTTP[s]). ☆29 · Aug 19, 2020 · Updated 5 years ago
- Example of hijacking system calls via function pointer tables ☆31 · Jun 26, 2021 · Updated 4 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility ☆38 · Jul 18, 2024 · Updated last year
- Triaging Windows event logs based on SANS Poster ☆47 · Nov 22, 2025 · Updated 3 months ago
- Library and tools to access the OLE 2 Compound File (OLECF) format ☆74 · Dec 21, 2025 · Updated 2 months ago
- Library of python scripts to apply Data Science in several forensics artifacts ☆31 · Jul 16, 2020 · Updated 5 years ago
- Material from the Data Science Study Group ☆13 · Jan 25, 2021 · Updated 5 years ago
- GUI for GHRepoSearcher. It allows searching online repositories on GitHub. ☆10 · May 20, 2022 · Updated 3 years ago
- Threathunt details for the Solarwinds compromise ☆33 · Jun 26, 2021 · Updated 4 years ago
- pollen - A command-line tool for interacting with TheHive ☆36 · Jun 6, 2019 · Updated 6 years ago
- This PS script will extract macros from Excel and Word files. Also checks the macro for suspicious code patterns. Includes temporary DDE ch… ☆34 · Jul 7, 2024 · Updated last year
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and adds scanners for record carving ☆42 · Apr 23, 2020 · Updated 5 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs ☆10 · Sep 26, 2017 · Updated 8 years ago