Alternatives and similar repositories for OpenForensics

Users that are interested in OpenForensics are comparing it to the libraries listed below

• nesfit / NetfoxDetective
  Network Forensic Extendable Analysis Tool
  ☆39Updated 3 years ago
• EricZimmerman / bstrings
  A better strings utility!
  ☆142Updated last month
• EricZimmerman / MFT
  MFT parser
  ☆72Updated 8 months ago
• alpine-sec / SPECTR3
  Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol.
  ☆42Updated 11 months ago
• EricZimmerman / JLECmd
  Automatic and Custom Destinations jump list parser with Windows 10 support
  ☆108Updated 3 weeks ago
• woanware / ForensicUserInfo
  Extracts Windows user info including the password hashes
  ☆40Updated 9 years ago
• EricZimmerman / RegistryPlugins
  ☆69Updated 2 months ago
• EricZimmerman / RegistryExplorerBookmarks
  Registry Explorer bookmark definitions
  ☆43Updated 10 months ago
• EricZimmerman / iisGeolocate
  geolocate ip addresses in IIS logs
  ☆19Updated 9 months ago
• EricZimmerman / Registry
  Full featured, offline Registry parser in C#
  ☆234Updated last month
• EricZimmerman / RECmd
  Command line access to the Registry
  ☆157Updated last week
• kacos2000 / Win10LiveInfo
  Windows 10 Live Information viewer
  ☆37Updated 3 years ago
• kacos2000 / Jumplist-Browser
  Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser
  ☆38Updated last year
• digitalsleuth / forensics_tools
  Various short scripts and tools used for Digital Forensics
  ☆14Updated 6 months ago
• ignacioj / mftf
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆38Updated last year
• EricZimmerman / Lnk
  Lnk file parser
  ☆90Updated 4 months ago
• EricZimmerman / USBDevices
  Get USB Devices from Registry hives
  ☆22Updated 3 years ago
• AndrewRathbun / SigHunter
  A C# (.NET 6) tool to compare the file signature of files recursively and inform the user of matches and mismatches
  ☆15Updated 10 months ago
• nannib / Imm2Virtual
  This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, dire…
  ☆55Updated 6 years ago
• AndrewRathbun / DirectoryOpus-DFIRConfig
  A config file that's curated for DFIR examiners with shortcuts to common Windows artifacts and settings enabled that help make your life …
  ☆38Updated 9 months ago
• kacos2000 / WindowsTimeline
  Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
  ☆195Updated 2 years ago
• kacos2000 / Win10
  Win 10/11 related research
  ☆192Updated last year
• thereisnotime / xxUSBSentinel
  Windows anti-forensics USB monitoring tool.
  ☆71Updated 2 years ago
• EricZimmerman / OleCf
  Library to process OLE compound file format. This is a work in progress and was initially written for jumplist parsing (for which it does…
  ☆19Updated 8 months ago
• pjrinaldi / wombatforensics
  linux c++, fox-toolkit, multi-threaded forensic gui tool
  ☆50Updated last year
• ArsenalRecon / BackstageParser
  Backstage Parser
  ☆32Updated 3 years ago
• woanware / wmi-parser
  Parses the WMI object database....looking for persistence
  ☆34Updated 5 years ago
• ArsenalRecon / GmailURLDecoder
  Gmail URL Decoder is an Open Source Python tool that can be used against plaintext or arbitrary raw data files in order to find, extract,…
  ☆59Updated 5 years ago
• jschicht / Secure2Csv
  Decode security descriptors in $Secure on NTFS
  ☆21Updated 3 years ago
• kacos2000 / MFT_Record_Viewer
  $MFT Record Viewer
  ☆22Updated 2 years ago