Library to access the Windows Shell Item format
☆74Dec 17, 2025Updated 3 months ago
Alternatives and similar repositories for libfwsi
Users that are interested in libfwsi are comparing it to the libraries listed below
Sorting:
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Library and tools to access the Windows Shortcut File (LNK) format☆211Dec 18, 2025Updated 3 months ago
- Cross-platform, open-source shellbag parser☆159Jan 31, 2023Updated 3 years ago
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- Set of utilities for getting information about Windows Events☆15Jun 5, 2018Updated 7 years ago
- ☆15Sep 26, 2022Updated 3 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl☆38Aug 23, 2016Updated 9 years ago
- Library and tools to access the Windows (Vista/7) Explorer thumbnail cache database format (thumbcache.db)☆17Dec 3, 2025Updated 3 months ago
- Library for Object Linking and Embedding (OLE) data types☆12Nov 27, 2025Updated 3 months ago
- Parser for $UsnJrnl on NTFS☆122Nov 27, 2022Updated 3 years ago
- Sample script of accessing NVMe drive using Windows' inbox NVMe driver☆25May 8, 2023Updated 2 years ago
- A GC link parser for both linkfiles and jumplists.☆18Oct 28, 2016Updated 9 years ago
- Parser for Windows Scheduled Task files.☆13Apr 26, 2023Updated 2 years ago
- Windows Registry Knowledge Base☆195Dec 23, 2025Updated 2 months ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Decode security descriptors in $Secure on NTFS☆22Feb 24, 2022Updated 4 years ago
- The script receives the S.M.A.R.T. status of the disks on the local or remote computer and displays it in the graphical user interface☆14Oct 25, 2017Updated 8 years ago
- Fileless Ransomware Example☆38Aug 2, 2017Updated 8 years ago
- Binaries for the log2timeline projects and dependencies☆40Feb 8, 2026Updated last month
- Lnk file parser☆92May 27, 2025Updated 9 months ago
- misc scripts☆35Oct 23, 2018Updated 7 years ago
- Parser for $LogFile on NTFS☆215Jun 1, 2025Updated 9 months ago
- This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.☆80Apr 28, 2023Updated 2 years ago
- Code to generate a squarified treemap UI for data visualization☆22May 14, 2018Updated 7 years ago
- 正确解析 _HEAP_VS_***符号 ,支持在最新win11 24h2 运行,替换windbg自带的!pool命令☆17Nov 30, 2024Updated last year
- Tool to parse SRU database☆25Mar 1, 2018Updated 8 years ago
- Overview of Microsoft Patch Tuesday☆14Sep 13, 2024Updated last year
- Extensible Storage Engine (ESE) Database File Knowledge Base☆46Dec 23, 2025Updated 2 months ago
- moved to Codeberg☆11Jul 24, 2024Updated last year
- ☆46Apr 6, 2017Updated 8 years ago
- A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work.☆18Sep 10, 2023Updated 2 years ago
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆73Aug 14, 2021Updated 4 years ago
- A list of IOCs applicable to PoshC2☆24Aug 3, 2020Updated 5 years ago
- Parser for Windows PowerShell script block logs☆100Aug 4, 2024Updated last year
- http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html☆127Jul 20, 2024Updated last year
- Assorted classes and methods for indexing reports and retrieving information from an elastic index☆21Jul 5, 2016Updated 9 years ago
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago