Alternatives and similar repositories for SysScout

Users that are interested in SysScout are comparing it to the libraries listed below

• msuhanov / registry-miner
  Registry Miner
  ☆14Updated 7 years ago
• Silv3rHorn / ArtifactExtractor
  Extract common Windows artifacts from source images and VSCs
  ☆63Updated 4 years ago
• dnlongen / RegLister
  Recurse through a registry, identifying values with large data -- a registry malware hunter
  ☆44Updated 9 years ago
• bromiley / tools
  Various tools and scripts
  ☆43Updated 3 years ago
• devgc / SrumMonkey
  Tool to parse SRU database
  ☆25Updated 7 years ago
• msuhanov / regf-samples
  Windows registry samples
  ☆24Updated 7 years ago
• eopdyke / USB-Device-History
  Discover USB device history for a specific user
  ☆22Updated 9 years ago
• rj-chap / NFWorkshop
  Network Forensics Workshop Files
  ☆17Updated 10 years ago
• reed1713 / ELAT
  Event Log Analysis Tools
  ☆30Updated 9 years ago
• PoorBillionaire / Windows-Prefetch-Carver
  Carve Windows Prefetch files from arbitrary binary data
  ☆16Updated 8 years ago
• DissectMalware / base64_substring
  Generate a Yara rule to find base64-encoded files containg a specific keyword
  ☆40Updated 7 years ago
• devgc / GcLinkParser
  A GC link parser for both linkfiles and jumplists.
  ☆18Updated 9 years ago
• Rurik / PE_Carver
  Carves EXEs from given data files, using intelligent carving based upon PE headers
  ☆39Updated 8 years ago
• mutedmouse / ta-volatility
  Technical add-on to ingest json formatted volatility memory analysis plugin outputs
  ☆13Updated 7 years ago
• pstirparo / utils
  Different DFIR and CTI utilities
  ☆37Updated 5 years ago
• devgc / EventMonkey
  A Windows Event Processing Utility
  ☆47Updated 7 years ago
• 504ensicsLabs / find_times
  Discover potential timestamps within the Windows Registry
  ☆19Updated 11 years ago
• grayfold3d / POSH-Triage
  Tools for parsing Forensic images
  ☆41Updated 7 years ago
• ThreatResponse / threatresponse_web
  Web based analysis platform for use with the AWS_IR command line tool.
  ☆17Updated 9 years ago
• forensiclunch / ETLParser
  Binary commandline executable to parse ETL files
  ☆68Updated 7 years ago
• idiom / IRScripts
  Incident Response Scripts
  ☆30Updated 5 years ago
• neu5ron / dnssinkholelist
  dnssinkholelist is a python package focused on combining open source lists of malicious domains, dynamic dns domains, and advertisement d…
  ☆18Updated 9 years ago
• mantarayforensics / mantaray
  MantaRay Automated Computer Forensic Triage Tool
  ☆65Updated 6 years ago
• hiddenillusion / IR
  Some dfir stuff
  ☆30Updated 3 years ago
• PoorBillionaire / USN-Record-Carver
  Carve NTFS USN records from binary data
  ☆27Updated 8 years ago
• log2timeline / dfwinreg
  Digital Forensics Windows Registry (dfWinReg)
  ☆52Updated 3 weeks ago
• rshipp / ir-triage-toolkit
  Create an incident response triage toolkit for use with Windows or Linux.
  ☆18Updated 5 years ago
• truekonrads / kpulp
  Konrads' Pen-Ultimate (Windows) Log File Parser
  ☆14Updated 3 years ago
• strozfriedberg / ntfs-linker
  An NTFS journal parser
  ☆81Updated 9 years ago
• bsi-group / autorun-logger-server
  Server for receiving autorun data from the clients
  ☆13Updated 8 years ago