libyal/dtformats

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/libyal/dtformats)

libyal / dtformats

Collection of data formats

☆191

Alternatives and similar repositories for dtformats

Users that are interested in dtformats are comparing it to the libraries listed below

Sorting:

libyal / assorted
View on GitHub
Assorted documentation, scripts and tools
☆39Dec 11, 2025Updated 3 months ago
libyal / winreg-kb
View on GitHub
Windows Registry Knowledge Base
☆195Dec 23, 2025Updated 2 months ago
libyal / libyal
View on GitHub
Yet another library library (and tools)
☆217Dec 21, 2025Updated 3 months ago
libyal / reviveit
View on GitHub
ReviveIT (revit) is a proof of concept file recovery tool (carver)
☆13Dec 3, 2020Updated 5 years ago
ydkhatri / MacForensics
View on GitHub
Scripts to process macOS forensic artifacts
☆207Aug 4, 2024Updated last year
libyal / libvsmbr
View on GitHub
Library and tools to access the Master Boot Record (MBR) volume system format
☆14Dec 21, 2025Updated 3 months ago
jaegeral / timesketch-cli
View on GitHub
A dedicated repo to interact with the API of Timesketch
☆12Sep 17, 2021Updated 4 years ago
mandiant / macos-UnifiedLogs
View on GitHub
A cross platform parser for Apple UnifiedLogs!
☆334Mar 8, 2026Updated 2 weeks ago
SpyderForensics / SQLite_Forensics
View on GitHub
A series of python scripts to extract information from SQLite Data Files
☆21Nov 15, 2025Updated 4 months ago
libyal / libagdb
View on GitHub
Library and tools to access the Windows SuperFetch database format
☆13Nov 29, 2025Updated 3 months ago
libyal / libwtcdb
View on GitHub
Library and tools to access the Windows (Vista/7) Explorer thumbnail cache database format (thumbcache.db)
☆17Dec 3, 2025Updated 3 months ago
Intrinsec / mplog_parser
View on GitHub
This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.
☆21Sep 30, 2022Updated 3 years ago
Velocidex / registry_hunter
View on GitHub
Hunt the windows Registry automatically using VQL
☆14Jan 6, 2026Updated 2 months ago
libyal / libfsntfs
View on GitHub
Library and tools to access the Windows New Technology File System (NTFS)
☆227Feb 8, 2026Updated last month
KatelynHaworth / macos-golang
View on GitHub
Intermediate library for calling macOS native functions from Core Foundation and System Configuration
☆19Jun 16, 2025Updated 9 months ago
forensicmatt / RustyReg
View on GitHub
Registry to JSON. This Project is for learning purposes and is not maintained.
☆12Dec 28, 2021Updated 4 years ago
log2timeline / l2tbinaries
View on GitHub
Binaries for the log2timeline projects and dependencies
☆40Feb 8, 2026Updated last month
libyal / esedb-kb
View on GitHub
Extensible Storage Engine (ESE) Database File Knowledge Base
☆46Dec 23, 2025Updated 2 months ago
daguy666 / Transit
View on GitHub
MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.
☆20Feb 20, 2020Updated 6 years ago
bsi-group / autorun-logger-server
View on GitHub
Server for receiving autorun data from the clients
☆13Sep 26, 2017Updated 8 years ago
jp-slackspace / x-tension-c-sharp
View on GitHub
An updated C# port of X-Ways X-Tensions API.
☆11Mar 12, 2018Updated 8 years ago
libyal / libmodi
View on GitHub
Library and tools to access the Mac OS disk image formats
☆22Dec 18, 2025Updated 3 months ago
Recruit-CSIRT / macOSTriageTool
View on GitHub
A DFIR tool to collect artifacts on macOS
☆56Mar 1, 2020Updated 6 years ago
libyal / libevtx
View on GitHub
Library and tools to access the Windows XML Event Log (EVTX) format
☆230Dec 15, 2025Updated 3 months ago
abrignoni / WLEAPP
View on GitHub
WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
☆32Nov 16, 2023Updated 2 years ago
bcarrier / awesome-incident-response
View on GitHub
A curated list of tools for incident response
☆14Jan 22, 2024Updated 2 years ago
strozfriedberg / liblightgrep
View on GitHub
Fast multipattern regular expression searching for digital forensics
☆18Jul 31, 2019Updated 6 years ago
msuhanov / yarp
View on GitHub
Yet another registry parser
☆137Apr 15, 2022Updated 3 years ago
cclgroupltd / ccl-segb
View on GitHub
Module(s) related to reading SEGB (fka "Biome") data from iOS, mascOS, etc.
☆29Sep 9, 2025Updated 6 months ago
alitrack / undark
View on GitHub
Undark - a SQLite recovery tool for deleted data or corrupt database
☆79Sep 14, 2018Updated 7 years ago
mac4n6 / APOLLO
View on GitHub
Apple Pattern of Life Lazy Output'er
☆640Feb 25, 2024Updated 2 years ago
vector-sec / DuoPusher
View on GitHub
Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications
☆13Apr 20, 2018Updated 7 years ago
libyal / libfsext
View on GitHub
Library and tools to access the Extended File System
☆18Feb 1, 2026Updated last month
themittenmac / TrueTree
View on GitHub
A command line tool for pstree-like output on macOS with additional pid capturing capabilities
☆276Aug 23, 2024Updated last year
libyal / libmsiecf
View on GitHub
Library and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files
☆18Dec 19, 2025Updated 3 months ago
mnrkbys / macosac
View on GitHub
Forensic Artifact Collection Tool for macOS
☆118Jul 28, 2025Updated 7 months ago
libyal / libvsgpt
View on GitHub
Library and tools to access the GUID Partition Table (GPT) volume system format
☆11Dec 20, 2025Updated 3 months ago
ForensicArtifacts / artifacts
View on GitHub
Digital Forensics artifact repository
☆1,213Feb 11, 2026Updated last month
jslegendre / libSymRez
View on GitHub
When dlsym isn't enough
☆20May 19, 2024Updated last year