Alternatives and similar repositories for SysScout

Users that are interested in SysScout are comparing it to the libraries listed below

• dnlongen / RegLister
  Recurse through a registry, identifying values with large data -- a registry malware hunter
  ☆44Updated 9 years ago
• msuhanov / registry-miner
  Registry Miner
  ☆14Updated 7 years ago
• devgc / SrumMonkey
  Tool to parse SRU database
  ☆25Updated 7 years ago
• davidhowell-tx / PS-DigitalForensics
  PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts
  ☆56Updated 5 years ago
• eopdyke / USB-Device-History
  Discover USB device history for a specific user
  ☆22Updated 9 years ago
• Silv3rHorn / ArtifactExtractor
  Extract common Windows artifacts from source images and VSCs
  ☆65Updated 4 years ago
• bsi-group / autorun-logger-server
  Server for receiving autorun data from the clients
  ☆13Updated 8 years ago
• devgc / GcLinkParser
  A GC link parser for both linkfiles and jumplists.
  ☆18Updated 9 years ago
• bromiley / tools
  Various tools and scripts
  ☆43Updated 2 years ago
• grayfold3d / POSH-Triage
  Tools for parsing Forensic images
  ☆41Updated 6 years ago
• gleeda / misc-scripts
  misc scripts
  ☆36Updated 7 years ago
• herrcore / punbup
  Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…
  ☆37Updated 7 years ago
• devgc / EventMonkey
  A Windows Event Processing Utility
  ☆47Updated 7 years ago
• pstirparo / utils
  Different DFIR and CTI utilities
  ☆37Updated 5 years ago
• WiredPulse / AutomatedProfiler
  Automated forensics written in PowerShell
  ☆34Updated 6 years ago
• PoorBillionaire / Windows-Prefetch-Carver
  Carve Windows Prefetch files from arbitrary binary data
  ☆16Updated 8 years ago
• jeffbryner / pyioc
  Python tools for IOC (Indicator of Compromise) handling
  ☆96Updated 3 years ago
• woanware / usbdeviceforensics
  Python script for extracting USB information from Windows registry hives
  ☆128Updated 6 years ago
• JohnLaTwC / MacroJob
  Proof of concept VBA code to add to Normal.dot to put restrictions on Word
  ☆41Updated 8 years ago
• superponible / DFIR
  Various DFIR Tools
  ☆26Updated 7 years ago
• AlmCo / Panorama
  Fast incident overview
  ☆40Updated 8 years ago
• mantarayforensics / mantaray
  MantaRay Automated Computer Forensic Triage Tool
  ☆65Updated 6 years ago
• forensiclunch / ETLParser
  Binary commandline executable to parse ETL files
  ☆68Updated 7 years ago
• jheise / threatcmd
  Cli interface to threatcrowd.org
  ☆19Updated 8 years ago
• JamesHabben / sysmon-queries
  Queries to parse sysmon event log file with microsoft logparser
  ☆56Updated 10 years ago
• rj-chap / NFWorkshop
  Network Forensics Workshop Files
  ☆17Updated 10 years ago
• mutedmouse / ta-volatility
  Technical add-on to ingest json formatted volatility memory analysis plugin outputs
  ☆13Updated 7 years ago
• hiddenillusion / IR
  Some dfir stuff
  ☆31Updated 3 years ago
• JamesHabben / MalwareStuff
  ☆16Updated 10 years ago
• jipegit / IRNotes
  Some IR notes
  ☆73Updated 9 years ago