Alternatives and similar repositories for NBDServer:

Users that are interested in NBDServer are comparing it to the libraries listed below

• strozfriedberg / ntfs-linker
  An NTFS journal parser
  ☆82Updated 8 years ago
• davehull / Get-StakRank
  A Powershell script for frequency analysis of separated values data files.
  ☆17Updated 11 years ago
• libyal / libvshadow
  Library and tools to access the Volume Shadow Snapshot (VSS) format
  ☆111Updated 6 months ago
• log2timeline / dfwinreg
  Digital Forensics Windows Registry (dfWinReg)
  ☆49Updated last month
• mandiant / AuditParser
  AuditParser
  ☆58Updated 11 years ago
• TakahiroHaruyama / openioc_scan
  openioc_scan Volatility Framework plugin
  ☆42Updated 8 years ago
• rjhansen / nsrllookup
  Checks with NSRL RDS servers looking for for hash matches
  ☆112Updated 3 years ago
• ANSSI-FR / bootcode_parser
  A boot record parser that identifies known good signatures for MBR, VBR and IPL.
  ☆97Updated last week
• log2timeline / dfvfs
  Digital Forensics Virtual File System (dfVFS)
  ☆207Updated last month
• dlcowen / dfirwizard
  Example programs used in the automating DFIR series
  ☆64Updated 5 years ago
• dnlongen / RegLister
  Recurse through a registry, identifying values with large data -- a registry malware hunter
  ☆44Updated 8 years ago
• sethhall / bro-apt1
  This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.
  ☆47Updated 11 years ago
• herrcore / punbup
  Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…
  ☆37Updated 6 years ago
• williballenthin / process-forest
  Reconstruct process trees from event logs
  ☆147Updated 4 years ago
• jschicht / Secure2Csv
  Decode security descriptors in $Secure on NTFS
  ☆20Updated 2 years ago
• vortessence / vortessence
  Automated memory forensics analysis
  ☆33Updated 5 years ago
• bostonlink / cuckooforcanari
  Cuckoo Sandbox Local Maltego Transforms Project
  ☆49Updated 10 years ago
• JamesHabben / sysmon-queries
  Queries to parse sysmon event log file with microsoft logparser
  ☆56Updated 9 years ago
• jeffbryner / pyioc
  Python tools for IOC (Indicator of Compromise) handling
  ☆96Updated 3 years ago
• MotiBa / Sysmon
  Sysmon configuration
  ☆66Updated 6 years ago
• ANSSI-FR / SysvolExplorer
  Active Directory Group Policy analyzer
  ☆99Updated 10 years ago
• Invoke-IR / WmiEvent
  A PowerShell module to abstract the complexities of Permanent WMI Event Subscriptions
  ☆55Updated 8 years ago
• williballenthin / python-ntfs
  Open source Python library for NTFS analysis
  ☆80Updated 7 years ago
• MITRECND / yaraprocessor
  Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.
  ☆97Updated 10 years ago
• Rurik / PE_Carver
  Carves EXEs from given data files, using intelligent carving based upon PE headers
  ☆37Updated 7 years ago
• Pwdrkeg / honeyport
  A powershell script for creating a Windows honeyport.
  ☆87Updated 9 years ago
• xme / mime2vt
  Unpack MIME attachments from a file and check them against virustotal.com
  ☆45Updated 8 years ago
• glassdfir / SysmonMapper
  Maps process creation logged by Sysmon uses Google Org Chart API
  ☆24Updated 8 years ago
• att / docker-forensics
  Tools to assist in forensicating docker
  ☆81Updated last week
• MSAdministrator / PPRT
  This module is used to report phishing URLs to their WHOIS/RDAP abuse contact information.
  ☆43Updated 7 years ago