aff4 / pyaff4Links
The Python implementation of the AFF4 standard.
☆45Updated last year
Alternatives and similar repositories for pyaff4
Users that are interested in pyaff4 are comparing it to the libraries listed below
Sorting:
- AFF4 Standard Documents☆29Updated 3 years ago
- Command line utility and Python package to ease the (un)mounting of forensic disk images☆124Updated 2 years ago
- Yet another registry parser☆136Updated 3 years ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆26Updated 5 years ago
- Python library for parsing AccessData AD1 images☆33Updated 2 years ago
- Specifications used in the MISP project including MISP core format☆52Updated 3 months ago
- A better strings utility!☆142Updated last month
- Extract common Windows artifacts from source images and VSCs☆65Updated 4 years ago
- Different DFIR and CTI utilities☆37Updated 5 years ago
- A rewrite of mactime, a bodyfile reader☆40Updated last year
- Pythonic way to work with the galaxies defined there: https://github.com/MISP/misp-galaxy☆19Updated 2 months ago
- Python bindings for The Sleuth Kit (libtsk)☆107Updated 3 weeks ago
- Extract compressed memory pages from page-aligned data☆46Updated 7 years ago
- Definition, description and relationship types of MISP objects☆100Updated last week
- Looks stuff up (MD5, SHA256, IP, Domains, URL's, strings e.g. mutexes)...☆36Updated 8 years ago
- Digital Forensics Windows Registry (dfWinReg)☆53Updated 2 months ago
- Checks with NSRL RDS servers looking for for hash matches☆114Updated 4 years ago
- An NTFS journal parser☆82Updated 9 years ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆40Updated 5 years ago
- "Fuzzy matching" for SQLite databases☆30Updated 5 years ago
- CIRCL system forensic tools or a jumble of tools to support forensic☆42Updated 2 years ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆33Updated 2 weeks ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Updated 6 years ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆110Updated 7 years ago
- A DFVFS Backed Forensic Viewer☆40Updated 5 years ago
- macOS triage is a python script to collect various macOS logs, artifacts, and other data.☆27Updated 4 years ago
- An AFF4 C++ implementation.☆211Updated 2 years ago
- Python bindings for https://github.com/omerbenamram/evtx/☆52Updated 7 months ago
- A modern Python-3-based alternative to RegRipper☆196Updated 6 months ago
- Registry Explorer bookmark definitions☆43Updated 9 months ago