Alternatives and similar repositories for plaso

Users that are interested in plaso are comparing it to the libraries listed below

• dfrc-korea / carpe-sleuthkit
  ☆21Updated 4 years ago
• dfrc-korea / carpe-pytsk
  ☆19Updated 5 years ago
• dfrc-korea / carpe
  Carpe Forensics
  ☆74Updated last year
• dfrc-korea / SQLiteRecover
  ☆21Updated 6 years ago
• sdckey / EnScript-Samples
  This repository is a collection of EnScript code samples for use in the OpenText Endpoint Forensic and OpenText Endpoint Investigator app…
  ☆54Updated 2 months ago
• cheeky4n6monkey / 4n6-scripts
  Forensic Scripts
  ☆154Updated 6 months ago
• dod-cyber-crime-center / sqlite-dissect
  DC3 SQLite Dissect
  ☆68Updated 10 months ago
• abrignoni / DFIR-SQL-Query-Repo
  Collection of SQL query templates for digital forensics use by platform and application.
  ☆109Updated 4 years ago
• py4n6 / pytsk
  Python bindings for The Sleuth Kit (libtsk)
  ☆107Updated 3 weeks ago
• markmckinnon / Autopsy-NBM-Plugins
  Autopsy NBM Plugins
  ☆16Updated 2 years ago
• bring2lite / bring2lite
  ☆31Updated 5 years ago
• markmckinnon / Autopsy-Plugins
  Autopsy Python Plugins
  ☆362Updated last month
• pstirparo / mac4n6
  Collection of forensics artifacts location for Mac OS X and iOS
  ☆334Updated 3 years ago
• EnCaseIntegratedToolkit / EITT
  a GUI Interface for DFIR Open Source Tools
  ☆10Updated 10 years ago
• libyal / libewf
  Libewf is a library to access the Expert Witness Compression Format (EWF)
  ☆286Updated last year
• dlcowen / dfirwizard
  Example programs used in the automating DFIR series
  ☆63Updated 6 years ago
• forensenellanebbia / xways-forensics
  Personal settings for X-Ways Forensics
  ☆32Updated 3 years ago
• mdegrazia / SQLite-Deleted-Records-Parser
  Script to recover deleted entries in an SQLite database
  ☆191Updated 9 years ago
• abrignoni / RLEAPP
  Returns Logs Events And Properties Parser
  ☆119Updated 3 weeks ago
• log2timeline / dfvfs
  Digital Forensics Virtual File System (dfVFS)
  ☆211Updated 2 months ago
• orlikoski / CDQR
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆340Updated 3 years ago
• blackbagtech / sleuthkit-APFS
  A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.
  ☆26Updated 5 years ago
• ScottKjr3347 / iOS_store.cloudphotodb_Queries
  Queries to use on the store.cloudphotodb database. Provides you with iCloud Photos Sync directions and other information
  ☆12Updated 2 years ago
• rowingdude / analyzeMFT
  analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…
  ☆496Updated last month
• nannib / Imm2Virtual
  This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, dire…
  ☆55Updated 5 years ago
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆329Updated 2 weeks ago
• edward-greybeard / iOS-UNF
  Quick iOS Backup UnFunkerizor
  ☆21Updated 4 years ago
• lancemueller / EnCase-EnScripts
  General repository for compiled and uncompiled EnCase EnScripts
  ☆46Updated 4 years ago
• mdegrazia / Google-Analytic-Parser
  Parses for Google Analytic values in raw files like RAM, DD images etc.
  ☆18Updated 9 years ago
• abrignoni / VLEAPP
  Vehicle Logs Events And Properties Parser
  ☆94Updated 8 months ago