aff4 / pyaff4Links
The Python implementation of the AFF4 standard.
☆44Updated last year
Alternatives and similar repositories for pyaff4
Users that are interested in pyaff4 are comparing it to the libraries listed below
Sorting:
- AFF4 Standard Documents☆29Updated 3 years ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆26Updated 5 years ago
- Yet another registry parser☆133Updated 3 years ago
- Command line utility and Python package to ease the (un)mounting of forensic disk images☆124Updated 2 years ago
- Python library for parsing AccessData AD1 images☆33Updated 2 years ago
- Python bindings for The Sleuth Kit (libtsk)☆103Updated last week
- Specifications used in the MISP project including MISP core format☆51Updated last month
- Different DFIR and CTI utilities☆37Updated 5 years ago
- Extract compressed memory pages from page-aligned data☆46Updated 6 years ago
- Checks with NSRL RDS servers looking for for hash matches☆114Updated 4 years ago
- A rewrite of mactime, a bodyfile reader☆40Updated last year
- Pythonic way to work with the galaxies defined there: https://github.com/MISP/misp-galaxy☆19Updated 3 weeks ago
- Definition, description and relationship types of MISP objects☆99Updated last week
- Set of Yara rules for finding files using magics headers☆138Updated 4 years ago
- A timestamp and date decoder written for python 3☆39Updated 2 months ago
- CIRCL system forensic tools or a jumble of tools to support forensic☆42Updated 2 years ago
- Digital Forensics Windows Registry (dfWinReg)☆52Updated last week
- Extract common Windows artifacts from source images and VSCs☆65Updated 4 years ago
- Digital Forensic Investigative Scripts☆83Updated this week
- A better strings utility!☆136Updated last month
- Digital Forensics Virtual File System (dfVFS)☆210Updated last week
- A DFVFS Backed Forensic Viewer☆40Updated 5 years ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆109Updated 7 years ago
- Example programs used in the automating DFIR series☆63Updated 6 years ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆39Updated 5 years ago
- Python bindings for https://github.com/omerbenamram/evtx/☆50Updated 5 months ago
- 1-Click push forensics evidence to the cloud☆141Updated last year
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Carves and recreates VSS catalog and store from Windows disk image.☆99Updated 2 years ago
- This repository is a collection of EnScript code samples for use in the OpenText Endpoint Forensic and OpenText Endpoint Investigator app…☆53Updated 3 weeks ago