libyal / winreg-kbLinks
Windows Registry Knowledge Base
☆175Updated 8 months ago
Alternatives and similar repositories for winreg-kb
Users that are interested in winreg-kb are comparing it to the libraries listed below
Sorting:
- AppCompatCache (shimcache) parser. Supports Windows 7 (x86 and x64), Windows 8.x, and Windows 10☆118Updated 5 months ago
- Command line access to the Registry☆148Updated last month
- ☆148Updated last year
- Parses amcache.hve files, but with a twist!☆136Updated 5 months ago
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.☆113Updated 5 months ago
- $MFT directory tree reconstruction & FILE record info☆305Updated 8 months ago
- Parser for $UsnJrnl on NTFS☆111Updated 2 years ago
- An NTFS/FAT parser for digital forensics & incident response☆203Updated 7 months ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆189Updated 2 years ago
- MFT parser☆67Updated 4 months ago
- Parser for $LogFile on NTFS☆196Updated 3 weeks ago
- Lnk Explorer Command line edition!!☆310Updated 5 months ago
- ☆67Updated last month
- Carve file metadata from NTFS index ($I30) attributes☆66Updated last year
- Event Tracing For Windows (ETW) Resources☆389Updated 8 months ago
- C# based evtx parser with lots of extras☆313Updated 2 months ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆215Updated 5 years ago
- Parses $MFT from NTFS file systems☆247Updated last month
- Sysmon-Like research tool for ETW☆354Updated 2 years ago
- Library and tools to access the Windows Prefetch File (SCCA) format.☆75Updated 5 months ago
- Event Trace Log file parser in pure Python☆141Updated 4 years ago
- Yet another registry parser☆132Updated 3 years ago
- Windows registry file format specification☆339Updated 6 years ago
- Tool suite for inspecting NTFS artifacts.☆223Updated last year
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆163Updated 7 months ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆65Updated 2 years ago
- Documentation repository☆46Updated 9 months ago
- A better strings utility!☆136Updated this week
- Full featured, offline Registry parser in C#☆230Updated 5 months ago
- Documentation and supporting script sample for Windows Exploit Guard☆156Updated 3 years ago