☆152Jun 5, 2024Updated last year
Alternatives and similar repositories for BitsParser
Users that are interested in BitsParser are comparing it to the libraries listed below
Sorting:
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- ☆24Mar 12, 2025Updated 11 months ago
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆89Aug 29, 2023Updated 2 years ago
- Sharing my BITS☆13Feb 23, 2018Updated 8 years ago
- Event Trace Log file parser in pure Python☆150Nov 27, 2020Updated 5 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆78Jan 9, 2024Updated 2 years ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆196Feb 16, 2023Updated 3 years ago
- An NTFS/FAT parser for digital forensics & incident response☆217Oct 31, 2025Updated 3 months ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files☆20Aug 3, 2024Updated last year
- PowerShell module for Office 365 and Azure log collection☆279Sep 22, 2025Updated 5 months ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆118Nov 28, 2023Updated 2 years ago
- A python script developed to process Windows memory images based on triage type.☆266Nov 25, 2023Updated 2 years ago
- Parses USB connection artifacts from offline Registry hives☆107Feb 8, 2026Updated 2 weeks ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆86Jun 23, 2025Updated 8 months ago
- Transform EQL detection rules to VQL artifacts☆12Nov 12, 2021Updated 4 years ago
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 3 years ago
- Yet another registry parser☆138Apr 15, 2022Updated 3 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Aug 15, 2019Updated 6 years ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆646Nov 7, 2025Updated 3 months ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆117Jan 26, 2022Updated 4 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆173Jan 30, 2026Updated 3 weeks ago
- Run several volatility plugins at the same time☆118Oct 27, 2022Updated 3 years ago
- Parsers for .mdf file of Microsoft SQL Server (MSSQL)☆15Mar 28, 2020Updated 5 years ago
- DFIRTrack - The Incident Response Tracking Application☆532Jan 13, 2026Updated last month
- Parses the WMI object database....looking for persistence☆34Dec 12, 2019Updated 6 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆785Updated this week
- A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention.☆293Aug 26, 2021Updated 4 years ago
- A modern Python-3-based alternative to RegRipper☆205Mar 31, 2025Updated 10 months ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆169Jan 5, 2021Updated 5 years ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 2 years ago
- ☆24Aug 30, 2019Updated 6 years ago
- Quick ESXi Log Parser☆29Oct 20, 2025Updated 4 months ago
- ☆93Jul 30, 2025Updated 6 months ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆177Jun 10, 2021Updated 4 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆42Sep 21, 2023Updated 2 years ago