Alternatives and similar repositories for plaso

Users that are interested in plaso are comparing it to the libraries listed below

• dfrc-korea / carpe-sleuthkit
  ☆21Updated 4 years ago
• dfrc-korea / carpe-pytsk
  ☆19Updated 5 years ago
• dfrc-korea / carpe
  Carpe Forensics
  ☆74Updated last year
• sdckey / EnScript-Samples
  This repository is a collection of EnScript code samples for use in the OpenText Endpoint Forensic and OpenText Endpoint Investigator app…
  ☆54Updated 3 months ago
• dfrc-korea / SQLiteRecover
  ☆21Updated 6 years ago
• cheeky4n6monkey / 4n6-scripts
  Forensic Scripts
  ☆154Updated 6 months ago
• EnCaseIntegratedToolkit / EITT
  a GUI Interface for DFIR Open Source Tools
  ☆10Updated 10 years ago
• abrignoni / DFIR-SQL-Query-Repo
  Collection of SQL query templates for digital forensics use by platform and application.
  ☆109Updated 4 years ago
• dlcowen / dfirwizard
  Example programs used in the automating DFIR series
  ☆63Updated 6 years ago
• nannib / Imm2Virtual
  This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, dire…
  ☆55Updated 6 years ago
• pstirparo / mac4n6
  Collection of forensics artifacts location for Mac OS X and iOS
  ☆337Updated 3 years ago
• bring2lite / bring2lite
  ☆31Updated 5 years ago
• log2timeline / dfvfs
  Digital Forensics Virtual File System (dfVFS)
  ☆213Updated this week
• joachimmetz / artifacts
  ForensicArtifacts.com Artifact Repository
  ☆12Updated this week
• blackbagtech / sleuthkit-APFS
  A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.
  ☆26Updated 5 years ago
• py4n6 / pytsk
  Python bindings for The Sleuth Kit (libtsk)
  ☆107Updated last month
• forensenellanebbia / xways-forensics
  Personal settings for X-Ways Forensics
  ☆32Updated 3 years ago
• libyal / libewf
  Libewf is a library to access the Expert Witness Compression Format (EWF)
  ☆288Updated last year
• markmckinnon / Autopsy-Plugins
  Autopsy Python Plugins
  ☆363Updated 2 months ago
• orlikoski / CDQR
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆340Updated 3 years ago
• dod-cyber-crime-center / sqlite-dissect
  DC3 SQLite Dissect
  ☆68Updated 11 months ago
• lancemueller / EnCase-EnScripts
  General repository for compiled and uncompiled EnCase EnScripts
  ☆46Updated 4 years ago
• markmckinnon / Autopsy-NBM-Plugins
  Autopsy NBM Plugins
  ☆16Updated 2 years ago
• abrignoni / VLEAPP
  Vehicle Logs Events And Properties Parser
  ☆94Updated 3 weeks ago
• mdegrazia / SQLite-Deleted-Records-Parser
  Script to recover deleted entries in an SQLite database
  ☆192Updated 9 years ago
• atola-technology / iscsi-targets
  Automatically create iSCSI targets for all drives except for a boot device
  ☆22Updated 4 months ago
• rowingdude / analyzeMFT
  analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…
  ☆502Updated 2 months ago
• cpuu / bob14forensics
  ☆24Updated 2 months ago
• williballenthin / INDXParse
  Tool suite for inspecting NTFS artifacts.
  ☆224Updated last year
• abrignoni / RLEAPP
  Returns Logs Events And Properties Parser
  ☆119Updated 3 weeks ago