Alternatives and similar repositories for OpenForensics

Users that are interested in OpenForensics are comparing it to the libraries listed below

• nesfit / NetfoxDetective
  Network Forensic Extendable Analysis Tool
  ☆39Updated 3 years ago
• EricZimmerman / iisGeolocate
  geolocate ip addresses in IIS logs
  ☆18Updated 7 months ago
• EricZimmerman / RegistryExplorerBookmarks
  Registry Explorer bookmark definitions
  ☆43Updated 8 months ago
• woanware / wmi-parser
  Parses the WMI object database....looking for persistence
  ☆33Updated 5 years ago
• EricZimmerman / RegistryPlugins
  ☆68Updated 2 weeks ago
• EricZimmerman / MFT
  MFT parser
  ☆68Updated 7 months ago
• alpine-sec / SPECTR3
  Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol.
  ☆42Updated 10 months ago
• digitalsleuth / forensics_tools
  Various short scripts and tools used for Digital Forensics
  ☆14Updated 4 months ago
• EricZimmerman / JLECmd
  Automatic and Custom Destinations jump list parser with Windows 10 support
  ☆103Updated 7 months ago
• kacos2000 / Win10LiveInfo
  Windows 10 Live Information viewer
  ☆36Updated 3 years ago
• EricZimmerman / RECmd
  Command line access to the Registry
  ☆154Updated this week
• EricZimmerman / bstrings
  A better strings utility!
  ☆138Updated last week
• kacos2000 / MFT_Record_Viewer
  $MFT Record Viewer
  ☆22Updated 2 years ago
• EricZimmerman / Registry
  Full featured, offline Registry parser in C#
  ☆233Updated last month
• EricZimmerman / TLEFilePlugins
  Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…
  ☆26Updated 4 months ago
• EricZimmerman / Lnk
  Lnk file parser
  ☆88Updated 3 months ago
• kacos2000 / Jumplist-Browser
  Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser
  ☆37Updated last year
• ArsenalRecon / BackstageParser
  Backstage Parser
  ☆31Updated 3 years ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆46Updated 6 years ago
• jschicht / Secure2Csv
  Decode security descriptors in $Secure on NTFS
  ☆21Updated 3 years ago
• EricZimmerman / OleCf
  Library to process OLE compound file format. This is a work in progress and was initially written for jumplist parsing (for which it does…
  ☆19Updated 7 months ago
• woanware / ForensicUserInfo
  Extracts Windows user info including the password hashes
  ☆40Updated 9 years ago
• EricZimmerman / ExtensionBlocks
  Extension blocks as found in ShellBags and other places in the Registry
  ☆25Updated 7 months ago
• ignacioj / mftf
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆37Updated last year
• sumeshi / ntfsfind
  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
  ☆26Updated last year
• ArsenalRecon / GmailURLDecoder
  Gmail URL Decoder is an Open Source Python tool that can be used against plaintext or arbitrary raw data files in order to find, extract,…
  ☆58Updated 5 years ago
• Beercow / walitean
  ☆11Updated 7 years ago
• log2timeline / dfwinreg
  Digital Forensics Windows Registry (dfWinReg)
  ☆53Updated last month
• EricZimmerman / GuidMapping
  ☆20Updated 7 months ago
• pjrinaldi / wombatforensics
  linux c++, fox-toolkit, multi-threaded forensic gui tool
  ☆50Updated last year