Alternatives and similar repositories for libfwsi

Users that are interested in libfwsi are comparing it to the libraries listed below

• EricZimmerman / Lnk
  Lnk file parser
  ☆87Updated 3 months ago
• EricZimmerman / GuidMapping
  ☆18Updated 4 months ago
• williballenthin / shellbags
  Cross-platform, open-source shellbag parser
  ☆149Updated 2 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆73Updated 4 months ago
• msuhanov / yarp
  Yet another registry parser
  ☆132Updated 3 years ago
• EricZimmerman / RegistryExplorerBookmarks
  Registry Explorer bookmark definitions
  ☆42Updated 4 months ago
• strozfriedberg / ntfs-linker
  An NTFS journal parser
  ☆82Updated 9 years ago
• jschicht / Secure2Csv
  Decode security descriptors in $Secure on NTFS
  ☆20Updated 3 years ago
• EricZimmerman / Prefetch
  Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.
  ☆113Updated 4 months ago
• EricZimmerman / Registry
  Full featured, offline Registry parser in C#
  ☆229Updated 4 months ago
• kacos2000 / WindowsTimeline
  Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
  ☆189Updated 2 years ago
• jschicht / EaTools
  Analysis and manipulation of extended attribute ($EA) on NTFS
  ☆38Updated 9 years ago
• libyal / libregf
  Library and tools to access the Windows NT Registry File (REGF) format
  ☆118Updated 8 months ago
• EricZimmerman / RegistryPlugins
  ☆66Updated last week
• libyal / winreg-kb
  Windows Registry Knowledge Base
  ☆173Updated 7 months ago
• woanware / wmi-parser
  Parses the WMI object database....looking for persistence
  ☆31Updated 5 years ago
• jschicht / LogFileParser
  Parser for $LogFile on NTFS
  ☆194Updated last year
• libyal / esedb-kb
  Extensible Storage Engine (ESE) Database File Knowledge Base
  ☆43Updated 7 months ago
• EricZimmerman / ExtensionBlocks
  Extension blocks as found in ShellBags and other places in the Registry
  ☆24Updated 4 months ago
• nmantani / FileInsight-plugins
  FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis
  ☆161Updated 5 months ago
• ignacioj / mftf
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆36Updated 10 months ago
• williballenthin / INDXParse
  Tool suite for inspecting NTFS artifacts.
  ☆221Updated last year
• mattifestation / BCD
  BCD is a module to interact with boot configuration data (BCD) either locally or remotely using the ROOT/WMI:Bcd* WMI classes. The functi…
  ☆61Updated 4 years ago
• msuhanov / regf-samples
  Windows registry samples
  ☆23Updated 6 years ago
• jschicht / UsnJrnl2Csv
  Parser for $UsnJrnl on NTFS
  ☆110Updated 2 years ago
• woanware / autorunner
  Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing
  ☆55Updated 6 years ago
• jschicht / ExtractUsnJrnl
  Tool to extract the $UsnJrnl from an NTFS volume
  ☆106Updated 5 years ago
• pcbje / pyad1
  Python library for parsing AccessData AD1 images
  ☆32Updated last year
• EricZimmerman / SDB
  Parse Microsoft shim databases
  ☆30Updated 4 months ago
• aff4 / Standard
  AFF4 Standard Documents
  ☆28Updated 3 years ago