libyal/winreg-kb external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

libyal/winreg-kb

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/libyal/winreg-kb)

Close

libyal / winreg-kbView on GitHubMore

• External links
• Readme badge

Windows Registry Knowledge Base

☆197May 25, 2026Updated 3 weeks ago

Alternatives and similar repositories for winreg-kb

Users that are interested in winreg-kb are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ForensicArtifacts / artifacts-kb

  View on GitHub
  Digital Forensics Artifacts Knowledge Base
  ☆90May 16, 2026Updated last month
• msuhanov / regf-samples

  View on GitHub
  Windows registry samples
  ☆24Nov 18, 2018Updated 7 years ago
• libyal / esedb-kb

  View on GitHub
  Extensible Storage Engine (ESE) Database File Knowledge Base
  ☆48May 15, 2026Updated last month
• AndrewRathbun / EventTranscript.db-Research

  View on GitHub
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆43Jul 18, 2022Updated 3 years ago
• AndrewRathbun / VanillaWindowsRegistryHives

  View on GitHub
  A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…
  ☆52Oct 29, 2025Updated 7 months ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• libyal / winevt-kb

  View on GitHub
  Windows Event Log Knowledge Base
  ☆33May 16, 2026Updated last month
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet

  View on GitHub
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆21Jul 1, 2023Updated 2 years ago
• EricZimmerman / KapeDocs

  View on GitHub
  Documentation repository
  ☆48Feb 11, 2026Updated 4 months ago
• libyal / dtformats

  View on GitHub
  Collection of data formats
  ☆195May 16, 2026Updated last month
• CyberCX-DFIR / usnjrnl_rewind

  View on GitHub
  USN Journal full path builder
  ☆69Apr 16, 2026Updated last month
• dwmetz / Mal-Hash

  View on GitHub
  This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.
  ☆15Jul 13, 2023Updated 2 years ago
• msuhanov / regf

  View on GitHub
  Windows registry file format specification
  ☆364Oct 27, 2018Updated 7 years ago
• log2timeline / dfwinreg

  View on GitHub
  Digital Forensics Windows Registry (dfWinReg)
  ☆54May 27, 2026Updated 2 weeks ago
• bgrundy / cheatsheets-forensic

  View on GitHub
  Forensic cheatsheets for use with cheat
  ☆15Dec 2, 2021Updated 4 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• msuhanov / dfir_ntfs

  View on GitHub
  An NTFS/FAT parser for digital forensics & incident response
  ☆234Oct 31, 2025Updated 7 months ago
• AndrewRathbun / DFIRArtifactMuseum

  View on GitHub
  The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…
  ☆654May 11, 2026Updated last month
• jschicht / LogFileParser

  View on GitHub
  Parser for $LogFile on NTFS
  ☆218Jun 5, 2026Updated last week
• ForensicArtifacts / artifacts

  View on GitHub
  Digital Forensics artifact repository
  ☆1,240May 16, 2026Updated last month
• EricZimmerman / SDB

  View on GitHub
  Parse Microsoft shim databases
  ☆32Apr 26, 2026Updated last month
• AndrewRathbun / DFIRPowerShellScripts

  View on GitHub
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆53Jan 9, 2026Updated 5 months ago
• theflakes / reg_hunter

  View on GitHub
  Blueteam operational triage registry hunting/forensic tool.
  ☆148Sep 2, 2025Updated 9 months ago
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆656Jun 19, 2024Updated last year
• strozfriedberg / notatin

  View on GitHub
  A Windows registry file parser written in Rust
  ☆40Oct 30, 2025Updated 7 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• nasbench / EVTX-ETW-Resources

  View on GitHub
  Event Tracing For Windows (ETW) Resources
  ☆430Oct 30, 2025Updated 7 months ago
• AndrewRathbun / Awesome-KAPE

  View on GitHub
  A curated list of KAPE-related resources
  ☆188May 1, 2025Updated last year
• libyal / assorted

  View on GitHub
  Assorted documentation, scripts and tools
  ☆39Jun 7, 2026Updated last week
• strozfriedberg / sidr

  View on GitHub
  Search Index Database Reporter
  ☆136Oct 28, 2025Updated 7 months ago
• EricZimmerman / KapeFiles

  View on GitHub
  This repository serves as a place for community created Targets and Modules for use with KAPE.
  ☆846Jun 3, 2026Updated last week
• msuhanov / yarp

  View on GitHub
  Yet another registry parser
  ☆138Apr 15, 2022Updated 4 years ago
• McL0vinn / Windows-Forensic-Examination-and-Threat-Hunting

  View on GitHub
  Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…
  ☆15May 30, 2026Updated 2 weeks ago
• kacos2000 / Jumplist-Browser

  View on GitHub
  Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser
  ☆49Jun 3, 2026Updated last week
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,571Jan 24, 2023Updated 3 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• 0xTriboulet / Cycotic

  View on GitHub
  A python polymorphic engine for C programs
  ☆11Dec 8, 2023Updated 2 years ago
• AndrewRathbun / DirectoryOpus-DFIRConfig

  View on GitHub
  A config file that's curated for DFIR examiners with shortcuts to common Windows artifacts and settings enabled that help make your life …
  ☆41Jan 6, 2025Updated last year
• EricZimmerman / Issues

  View on GitHub
  This is a repository for reporting any issues in any of my software
  ☆13May 15, 2018Updated 8 years ago
• KelvinMsft / TechMyths

  View on GitHub
  ☆18Mar 28, 2023Updated 3 years ago
• davidpany / WMI_Forensics

  View on GitHub
  ☆314Aug 14, 2020Updated 5 years ago
• kacos2000 / WindowsTimeline

  View on GitHub
  Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
  ☆196Feb 16, 2023Updated 3 years ago
• qbrusa / Windows-Security-Event-ID-Helper

  View on GitHub
  This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…
  ☆11Mar 2, 2023Updated 3 years ago