libyal/libfwsi

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/libyal/libfwsi)

libyal / libfwsi

Library to access the Windows Shell Item format

☆74

Alternatives and similar repositories for libfwsi

Users that are interested in libfwsi are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

ArsenalRecon / SdbaParser
View on GitHub
Parser for Sdba memory pool tags
☆21Jul 16, 2021Updated 4 years ago
jschicht / MftCarver
View on GitHub
Carve $MFT records from a chunk of data (for instance a memory dump)
☆16Aug 21, 2016Updated 9 years ago
mdsecactivebreach / genHTA
View on GitHub
Generates anti-sandbox analysis HTA files without payloads
☆16Mar 16, 2017Updated 9 years ago
msuhanov / registry-miner
View on GitHub
Registry Miner
☆14Apr 10, 2018Updated 7 years ago
tedhardyMSFT / EventLogUtilities
View on GitHub
Set of utilities for getting information about Windows Events
☆15Jun 5, 2018Updated 7 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
g-les / floss2yar
View on GitHub
☆15Sep 26, 2022Updated 3 years ago
forensicmatt / RustyReg
View on GitHub
Registry to JSON. This Project is for learning purposes and is not maintained.
☆12Dec 28, 2021Updated 4 years ago
NTFSparse / ntfs_parse
View on GitHub
NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl
☆38Aug 23, 2016Updated 9 years ago
libyal / libwtcdb
View on GitHub
Library and tools to access the Windows (Vista/7) Explorer thumbnail cache database format (thumbcache.db)
☆17Dec 3, 2025Updated 4 months ago
mutedmouse / ta-volatility
View on GitHub
Technical add-on to ingest json formatted volatility memory analysis plugin outputs
☆13May 21, 2018Updated 7 years ago
libyal / libfole
View on GitHub
Library for Object Linking and Embedding (OLE) data types
☆12Nov 27, 2025Updated 4 months ago
karttoon / OneOffs
View on GitHub
Small random scripts for various things I find myself needing to repeat/automate
☆25Apr 6, 2021Updated 5 years ago
ken-yossy / nvmetool-win-powershell
View on GitHub
Sample script of accessing NVMe drive using Windows' inbox NVMe driver
☆25May 8, 2023Updated 2 years ago
devgc / GcLinkParser
View on GitHub
A GC link parser for both linkfiles and jumplists.
☆18Oct 28, 2016Updated 9 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
Digressive / Log-Manager
View on GitHub
Flexible clean up and backup of log files.
☆17Nov 21, 2024Updated last year
yahoo / winjob
View on GitHub
Parser for Windows Scheduled Task files.
☆13Apr 26, 2023Updated 2 years ago
libyal / winreg-kb
View on GitHub
Windows Registry Knowledge Base
☆195Dec 23, 2025Updated 3 months ago
AndrewRathbun / EventTranscript.db-Research
View on GitHub
A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
☆43Jul 18, 2022Updated 3 years ago
fortra / CVE-2024-6768
View on GitHub
☆15Aug 12, 2024Updated last year
jschicht / Secure2Csv
View on GitHub
Decode security descriptors in $Secure on NTFS
☆22Feb 24, 2022Updated 4 years ago
snd3r / GetDiskSmart
View on GitHub
The script receives the S.M.A.R.T. status of the disks on the local or remote computer and displays it in the graphical user interface
☆14Oct 25, 2017Updated 8 years ago
giMini / Tartarus
View on GitHub
Fileless Ransomware Example
☆38Aug 2, 2017Updated 8 years ago
log2timeline / l2tbinaries
View on GitHub
Binaries for the log2timeline projects and dependencies
☆40Feb 8, 2026Updated 2 months ago
NordVPN Threat Protection Pro™ • Ad
Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
xusheng6 / awesome-ttd
View on GitHub
Rerousces related to time-travel debugging (TTD)
☆37Jan 6, 2026Updated 3 months ago
gleeda / misc-scripts
View on GitHub
misc scripts
☆35Oct 23, 2018Updated 7 years ago
EricZimmerman / Lnk
View on GitHub
Lnk file parser
☆95May 27, 2025Updated 10 months ago
jschicht / LogFileParser
View on GitHub
Parser for $LogFile on NTFS
☆216Jun 1, 2025Updated 10 months ago
atropineal / regsvr32
View on GitHub
☆11May 24, 2017Updated 8 years ago
HarmJ0y / pylnker
View on GitHub
This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.
☆80Apr 28, 2023Updated 2 years ago
proxb / SquarifiedTreemap
View on GitHub
Code to generate a squarified treemap UI for data visualization
☆22May 14, 2018Updated 7 years ago
cbwang505 / Win11PoolView
View on GitHub
正确解析 _HEAP_VS_***符号 ,支持在最新win11 24h2 运行,替换windbg自带的!pool命令
☆17Nov 30, 2024Updated last year
devgc / SrumMonkey
View on GitHub
Tool to parse SRU database
☆25Mar 1, 2018Updated 8 years ago
NordVPN Special Discount Offer • Ad
Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
joshuacline / imageconverter
View on GitHub
☆16Jan 28, 2024Updated 2 years ago
Chestnuts4 / POC
View on GitHub
☆17Jun 1, 2024Updated last year
libyal / esedb-kb
View on GitHub
Extensible Storage Engine (ESE) Database File Knowledge Base
☆46Dec 23, 2025Updated 3 months ago
MRGEffitas / Sandbox_tester
View on GitHub
☆46Apr 6, 2017Updated 9 years ago
CyberDefenses / CDI_yara
View on GitHub
A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work.
☆18Sep 10, 2023Updated 2 years ago
RichHeaderResearch / RichPE
View on GitHub
Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
☆73Aug 14, 2021Updated 4 years ago
nettitude / PoshC2_IOCs
View on GitHub
A list of IOCs applicable to PoshC2
☆24Aug 3, 2020Updated 5 years ago