Alternatives and similar repositories for BHH:

Users that are interested in BHH are comparing it to the libraries listed below

• labcif / YPA
  Autopsy plugin to extract information from the 'Your Phone' Windows 10 App
  ☆13Updated 4 years ago
• randomaccess3 / regripper_gui
  GUI for regripper
  ☆11Updated 5 years ago
• ArsenalRecon / SdbaParser
  Parser for Sdba memory pool tags
  ☆17Updated 3 years ago
• kacos2000 / Win10LiveInfo
  Windows 10 Live Information viewer
  ☆36Updated 3 years ago
• ydkhatri / Appx-Analysis
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆15Updated 11 months ago
• moaistory / IE10Analyzer
  http://moaistory.blogspot.com/2016/08/ie10analyzer.html
  ☆16Updated 7 months ago
• randomaccess3 / 4n6_stuff
  Git for me to put all my forensics stuff
  ☆21Updated last month
• net-protect / google-fs-recover
  Google Filestream Forensic Tool
  ☆16Updated 2 years ago
• bgrundy / cheatsheets-forensic
  Forensic cheatsheets for use with cheat
  ☆15Updated 3 years ago
• abrignoni / WLEAPP
  WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
  ☆31Updated last year
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆42Updated 6 years ago
• ArsenalRecon / BackstageParser
  Backstage Parser
  ☆32Updated 2 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• tokesr / usb_investigator
  ☆9Updated 5 years ago
• ArsenalRecon / NetWireLogDecoder
  Scan and decode NetWire logs
  ☆11Updated 2 years ago
• tedsmith / NSRL-Stripper
  A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database
  ☆14Updated 3 years ago
• WiredPulse / AutomatedProfiler
  Automated forensics written in PowerShell
  ☆34Updated 5 years ago
• gajos112 / SRUM-Timeliner
  ☆10Updated last year
• ydkhatri / jarp
  Just Another broken Registry Parser (JARP)
  ☆16Updated 8 months ago
• nesfit / NetfoxDetective
  Network Forensic Extendable Analysis Tool
  ☆39Updated 2 years ago
• dhoelzer / Silky
  Web interface for monitoring and interacting with Netflow data stored in Silk repositories.
  ☆13Updated 5 years ago
• MotiBa / ProcessMonitorAnalyzeMalware
  Script to parse Process Monitor XML log file, and give you a summary report.
  ☆23Updated 8 years ago
• grayfold3d / POSH-Triage
  Tools for parsing Forensic images
  ☆41Updated 6 years ago
• WiredPulse / Invoke-SRUMDump
  A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.
  ☆13Updated 3 years ago
• kacos2000 / Jumplist-Browser
  Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser
  ☆31Updated 11 months ago
• williballenthin / Autopsy-WindowsRegistryContentViewer
  no longer maintained
  ☆16Updated 6 years ago
• AlmCo / Panorama
  Fast incident overview
  ☆39Updated 8 years ago
• 4n6ist / bulk_extractor-rec
  It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving
  ☆40Updated 4 years ago
• wagga40 / Zircolite-Rules
  Sigma rules converted for direct use with Zircolite
  ☆12Updated this week
• 00010111 / gMetaDataParse
  ☆20Updated last year