Alternatives and similar repositories for assorted

Users that are interested in assorted are comparing it to the libraries listed below

• sebmarchand / pyetw
  ☆13Updated 9 years ago
• hatching / roach
  Cockroach is your primitive & immortal swiss army knife.
  ☆49Updated 3 years ago
• ydkhatri / Appx-Analysis
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆18Updated last year
• libyal / libevt
  Library and tools to access the Windows Event Log (EVT) format
  ☆60Updated last year
• williballenthin / LfLe
  Recover event log entries from an image by heurisitically looking for record structures.
  ☆27Updated 10 years ago
• Cisco-Talos / FIRST-server
  ☆32Updated last year
• NTFSparse / ntfs_parse
  NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl
  ☆37Updated 9 years ago
• techbliss / Yara_Mailware_Quick_menu_scanner
  Work Fast With the pattern matching swiss knife for malware researchers.
  ☆38Updated 9 years ago
• msuhanov / regf-samples
  Windows registry samples
  ☆24Updated 6 years ago
• alexander-hanel / ida_yara
  A python script that can be used to scan data within in an IDB using Yara.
  ☆23Updated 7 years ago
• cyb3rfox / MFTEntryCarver
  Carve files for MFT entries (eg. blkls output or memory dumps). Recovers filenames (long & short), timestamps ($STD & $FN) and data if re…
  ☆22Updated 6 years ago
• MalwareLu / malware-lu
  Automatically exported from code.google.com/p/malware-lu
  ☆55Updated 6 years ago
• hasherezade / ViDi
  ViDi Visual Disassembler (experimental)
  ☆78Updated last week
• blacktop / language-yara
  Yara syntax highlighting
  ☆25Updated 4 years ago
• aleksost / MemoryDecompression
  Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.
  ☆51Updated 6 years ago
• mnemonic-no / dnscache
  Volatility memory forensics plugin for extracting Windows DNS Cache
  ☆29Updated 8 years ago
• x64dbg / yarasigs
  Various Yara signatures (possibly to be included in a release later).
  ☆87Updated 6 years ago
• yaunj / vim-yara
  Yara filetype plugin for Vim.
  ☆14Updated 4 years ago
• psrok1 / emu-strings
  Emu-strings project - JScript/VBScript automated dropper analysis system
  ☆18Updated 4 years ago
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆77Updated 10 years ago
• Mipu94 / BroIDS_Unicorn
  simple plugin to detect shellcode on Bro IDS with Unicorn
  ☆33Updated 8 years ago
• elicn / xstrings
  Print the strings of encoded printable characters in files
  ☆12Updated 10 years ago
• ydkhatri / macOS_FE
  Tools for macOS Forensic Bootable media
  ☆15Updated 5 years ago
• EricZimmerman / SDB
  Parse Microsoft shim databases
  ☆31Updated 9 months ago
• williballenthin / python-dotnet-binaryformat
  Pure Python parser for data encoded by .NET's BinaryFormatter
  ☆53Updated 7 years ago
• cube0x8 / ChromeRagamuffin
  Google Chrome internals analysis using Volatility
  ☆42Updated 2 years ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• ctxis / capemon
  CAPE monitor DLLs
  ☆41Updated 5 years ago
• 0xcpu / bonomen
  BONOMEN - Hunt for Malware Critical Process Impersonation
  ☆49Updated 4 years ago
• malware-kitten / yara_sig_tool
  A tool to generate yara signatures from function blocks
  ☆19Updated 10 years ago