Alternatives and similar repositories for artifacts

Users that are interested in artifacts are comparing it to the libraries listed below

• EricZimmerman / SQLECmd
  ☆52Updated 2 weeks ago
• AndrewRathbun / KAPE-EZToolsAncillaryUpdater
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆56Updated last month
• EricZimmerman / KapeDocs
  Documentation repository
  ☆46Updated 9 months ago
• pstirparo / utils
  Different DFIR and CTI utilities
  ☆37Updated 5 years ago
• strozfriedberg / greppin-logs
  2021 SANS DFIR Summit: Greppin' Logs
  ☆20Updated 3 years ago
• ReconInfoSec / velociraptor-to-timesketch
  ☆8Updated 8 months ago
• blueteam0ps / AllthingsTimesketch
  This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
  ☆109Updated last year
• mark-hallman / plaso_filters
  Scripts to facilitate filtering with Plaso
  ☆126Updated 5 years ago
• abrignoni / DFIR-SQL-Query-Repo
  Collection of SQL query templates for digital forensics use by platform and application.
  ☆107Updated 4 years ago
• Digital-Forensics-Discord-Server / ArtifactParsers
  A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
  ☆66Updated 7 months ago
• dlcowen / dfirwizard
  Example programs used in the automating DFIR series
  ☆63Updated 6 years ago
• forensenellanebbia / xways-forensics
  Personal settings for X-Ways Forensics
  ☆32Updated 3 years ago
• gajos112 / PowerShell-Timeliner
  ☆13Updated 3 years ago
• markmckinnon / cLeapp
  Chrome Logs Events and Protobuf Parser
  ☆39Updated 2 years ago
• keydet89 / Tools
  Tools from WFA 4/e, timeline tools, etc.
  ☆141Updated last year
• Lazza / Fuji
  MacOS forensic acquisition made simple
  ☆159Updated 2 months ago
• ekristen / cast
  Cast is an installer for any compatible Saltstack based distribution like SIFT or REMnux
  ☆122Updated this week
• sdckey / EnScript-Samples
  This repository is a collection of EnScript code samples for use in the OpenText EnCase application.
  ☆53Updated 2 months ago
• abrignoni / VLEAPP
  Vehicle Logs Events And Properties Parser
  ☆88Updated 5 months ago
• jschicht / Indx2Csv
  An advanced parser for INDX records
  ☆28Updated 5 years ago
• AndrewRathbun / DFIRRegex
  A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
  ☆98Updated 2 years ago
• teamdfir / volatility-plugins-community
  Volatility plugins developed and maintained by the community
  ☆21Updated 9 months ago
• jjrboucher / MS-Word-Parser
  MS Word (DOCx) Parsing Tool
  ☆20Updated last month
• 13Cubed / Abeebus
  A GeoIP lookup utility utilizing ipinfo.io services.
  ☆88Updated last year
• Jrotenberger / Powershell-IR-Scripts
  ☆39Updated 6 years ago
• dlcowen / sansfor509
  Public script from SANS FOR509 Enterprise Cloud Incident Response
  ☆201Updated 9 months ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆42Updated 2 years ago
• AndrewRathbun / EventTranscript.db-Research
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆39Updated 2 years ago
• nannib / Imm2Virtual
  This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, dire…
  ☆54Updated 5 years ago
• megan201296 / gsuite-dfir
  ☆42Updated 4 years ago