Windows Registry Knowledge Base
☆195Apr 13, 2026Updated 3 weeks ago
Alternatives and similar repositories for winreg-kb
Users that are interested in winreg-kb are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Digital Forensics Artifacts Knowledge Base☆90Apr 11, 2026Updated 3 weeks ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Extensible Storage Engine (ESE) Database File Knowledge Base☆46Apr 13, 2026Updated 3 weeks ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…☆52Oct 29, 2025Updated 6 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Windows Event Log Knowledge Base☆33Apr 13, 2026Updated 3 weeks ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆21Jul 1, 2023Updated 2 years ago
- Documentation repository☆48Feb 11, 2026Updated 2 months ago
- Collection of data formats☆194Apr 13, 2026Updated 3 weeks ago
- USN Journal full path builder☆69Apr 16, 2026Updated 2 weeks ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago
- Windows registry file format specification☆364Oct 27, 2018Updated 7 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- An NTFS/FAT parser for digital forensics & incident response☆230Oct 31, 2025Updated 6 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆650Nov 7, 2025Updated 5 months ago
- Digital Forensics artifact repository☆1,240Apr 29, 2026Updated last week
- Parser for $LogFile on NTFS☆217Jun 1, 2025Updated 11 months ago
- Parse Microsoft shim databases☆32Apr 26, 2026Updated last week
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆647Jun 19, 2024Updated last year
- Blueteam operational triage registry hunting/forensic tool.☆148Sep 2, 2025Updated 8 months ago
- Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!☆53Jan 9, 2026Updated 3 months ago
- A Windows registry file parser written in Rust☆41Oct 30, 2025Updated 6 months ago
- Event Tracing For Windows (ETW) Resources☆425Oct 30, 2025Updated 6 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- A curated list of KAPE-related resources☆186May 1, 2025Updated last year
- Assorted documentation, scripts and tools☆39Dec 11, 2025Updated 4 months ago
- Search Index Database Reporter☆136Oct 28, 2025Updated 6 months ago
- This repository serves as a place for community created Targets and Modules for use with KAPE.☆838Apr 29, 2026Updated last week
- Yet another registry parser☆137Apr 15, 2022Updated 4 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆15Aug 15, 2022Updated 3 years ago
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser☆47Apr 4, 2026Updated last month
- Windows Events Attack Samples☆2,554Jan 24, 2023Updated 3 years ago
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A config file that's curated for DFIR examiners with shortcuts to common Windows artifacts and settings enabled that help make your life …☆40Jan 6, 2025Updated last year
- This is a repository for reporting any issues in any of my software☆13May 15, 2018Updated 7 years ago
- ☆18Mar 28, 2023Updated 3 years ago
- ☆312Aug 14, 2020Updated 5 years ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆196Feb 16, 2023Updated 3 years ago
- Library and tools to access the Windows NT Registry File (REGF) format☆133Dec 19, 2025Updated 4 months ago
- This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…☆11Mar 2, 2023Updated 3 years ago