☆152Jun 5, 2024Updated last year
Alternatives and similar repositories for BitsParser
Users that are interested in BitsParser are comparing it to the libraries listed below
Sorting:
- Sharing my BITS☆13Feb 23, 2018Updated 8 years ago
- ☆24Mar 12, 2025Updated last year
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆79Jan 9, 2024Updated 2 years ago
- Event Trace Log file parser in pure Python☆150Nov 27, 2020Updated 5 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆89Aug 29, 2023Updated 2 years ago
- A python script developed to process Windows memory images based on triage type.☆266Nov 25, 2023Updated 2 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆118Nov 28, 2023Updated 2 years ago
- Parses USB connection artifacts from offline Registry hives☆107Feb 8, 2026Updated last month
- Yet another registry parser☆137Apr 15, 2022Updated 3 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆44Jul 18, 2022Updated 3 years ago
- Quick ESXi Log Parser☆30Oct 20, 2025Updated 5 months ago
- An NTFS/FAT parser for digital forensics & incident response☆223Oct 31, 2025Updated 4 months ago
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files☆21Aug 3, 2024Updated last year
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆196Feb 16, 2023Updated 3 years ago
- Transform EQL detection rules to VQL artifacts☆12Nov 12, 2021Updated 4 years ago
- Run several volatility plugins at the same time☆118Oct 27, 2022Updated 3 years ago
- PowerShell module for Office 365 and Azure log collection☆280Sep 22, 2025Updated 5 months ago
- ☆24Aug 30, 2019Updated 6 years ago
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 4 years ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆648Nov 7, 2025Updated 4 months ago
- AVML - Acquire Volatile Memory for Linux☆1,064Updated this week
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆173Mar 2, 2026Updated 2 weeks ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆86Jun 23, 2025Updated 8 months ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- ☆93Jul 30, 2025Updated 7 months ago
- ☆2,390Oct 14, 2023Updated 2 years ago
- A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention.☆293Aug 26, 2021Updated 4 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆117Jan 26, 2022Updated 4 years ago
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Praser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery …☆21Jul 18, 2023Updated 2 years ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆169Jan 5, 2021Updated 5 years ago
- DFIRTrack - The Incident Response Tracking Application☆533Jan 13, 2026Updated 2 months ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 3 years ago
- Extract BITS jobs from QMGR queue and store them as CSV records☆74Feb 13, 2025Updated last year
- Parse evtx files and detect use of the DanderSpritz eventlogedit module☆151Dec 15, 2017Updated 8 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆791Updated this week