Alternatives and similar repositories for plaso

Users that are interested in plaso are comparing it to the libraries listed below

• dfrc-korea / carpe-sleuthkit
  ☆21Updated 4 years ago
• dfrc-korea / carpe-pytsk
  ☆19Updated 5 years ago
• dfrc-korea / carpe
  Carpe Forensics
  ☆73Updated last year
• sdckey / EnScript-Samples
  This repository is a collection of EnScript code samples for use in the OpenText Endpoint Forensic and OpenText Endpoint Investigator app…
  ☆53Updated this week
• abrignoni / DFIR-SQL-Query-Repo
  Collection of SQL query templates for digital forensics use by platform and application.
  ☆108Updated 4 years ago
• markmckinnon / Autopsy-Plugins
  Autopsy Python Plugins
  ☆356Updated last month
• EnCaseIntegratedToolkit / EITT
  a GUI Interface for DFIR Open Source Tools
  ☆10Updated 10 years ago
• cheeky4n6monkey / 4n6-scripts
  Forensic Scripts
  ☆152Updated 3 months ago
• py4n6 / pytsk
  Python bindings for The Sleuth Kit (libtsk)
  ☆102Updated 4 months ago
• dlcowen / dfirwizard
  Example programs used in the automating DFIR series
  ☆63Updated 6 years ago
• mdegrazia / SQLite-Deleted-Records-Parser
  Script to recover deleted entries in an SQLite database
  ☆191Updated 9 years ago
• log2timeline / dfvfs
  Digital Forensics Virtual File System (dfVFS)
  ☆209Updated 6 months ago
• libyal / libewf
  Libewf is a library to access the Expert Witness Compression Format (EWF)
  ☆278Updated 10 months ago
• abrignoni / RLEAPP
  Returns Logs Events And Properties Parser
  ☆112Updated this week
• orlikoski / CDQR
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆339Updated 3 years ago
• pstirparo / mac4n6
  Collection of forensics artifacts location for Mac OS X and iOS
  ☆332Updated 3 years ago
• markmckinnon / Autopsy-NBM-Plugins
  Autopsy NBM Plugins
  ☆16Updated 2 years ago
• edward-greybeard / iOS-UNF
  Quick iOS Backup UnFunkerizor
  ☆21Updated 4 years ago
• lancemueller / EnCase-EnScripts
  General repository for compiled and uncompiled EnCase EnScripts
  ☆47Updated 4 years ago
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆325Updated this week
• nannib / Imm2Virtual
  This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, dire…
  ☆54Updated 5 years ago
• dod-cyber-crime-center / sqlite-dissect
  DC3 SQLite Dissect
  ☆67Updated 8 months ago
• forensenellanebbia / xways-forensics
  Personal settings for X-Ways Forensics
  ☆32Updated 3 years ago
• kacos2000 / Queries
  SQLite queries
  ☆82Updated 2 years ago
• dod-cyber-crime-center / DC3-MWCP
  DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …
  ☆326Updated 5 months ago
• armbues / ioc_parser
  Tool to extract indicators of compromise from security reports in PDF format
  ☆436Updated 2 years ago
• teamdfir / sift
  SIFT
  ☆513Updated last year
• rowingdude / analyzeMFT
  analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…
  ☆486Updated last week
• blackbagtech / sleuthkit-APFS
  A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.
  ☆26Updated 5 years ago
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆195Updated 4 months ago