Windows Registry Knowledge Base
☆195Dec 23, 2025Updated 3 months ago
Alternatives and similar repositories for winreg-kb
Users that are interested in winreg-kb are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Digital Forensics Artifacts Knowledge Base☆90Dec 23, 2025Updated 3 months ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Extensible Storage Engine (ESE) Database File Knowledge Base☆46Dec 23, 2025Updated 3 months ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆44Jul 18, 2022Updated 3 years ago
- A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…☆53Oct 29, 2025Updated 4 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Windows Event Log Knowledge Base☆31Dec 23, 2025Updated 3 months ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆21Jul 1, 2023Updated 2 years ago
- Documentation repository☆48Feb 11, 2026Updated last month
- Collection of data formats☆191Dec 23, 2025Updated 3 months ago
- USN Journal full path builder☆67Sep 16, 2024Updated last year
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago
- Windows registry file format specification☆354Oct 27, 2018Updated 7 years ago
- Digital Forensics Windows Registry (dfWinReg)☆54Dec 22, 2025Updated 3 months ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆648Nov 7, 2025Updated 4 months ago
- Parser for $LogFile on NTFS☆216Jun 1, 2025Updated 9 months ago
- Digital Forensics artifact repository☆1,217Feb 11, 2026Updated last month
- An NTFS/FAT parser for digital forensics & incident response☆224Oct 31, 2025Updated 4 months ago
- Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!☆51Jan 9, 2026Updated 2 months ago
- Parse Microsoft shim databases☆32Jan 8, 2025Updated last year
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆644Jun 19, 2024Updated last year
- Blueteam operational triage registry hunting/forensic tool.☆149Sep 2, 2025Updated 6 months ago
- A Windows registry file parser written in Rust☆41Oct 30, 2025Updated 4 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A curated list of KAPE-related resources☆184May 1, 2025Updated 10 months ago
- Event Tracing For Windows (ETW) Resources☆421Oct 30, 2025Updated 4 months ago
- Assorted documentation, scripts and tools☆39Dec 11, 2025Updated 3 months ago
- Search Index Database Reporter☆132Oct 28, 2025Updated 4 months ago
- This repository serves as a place for community created Targets and Modules for use with KAPE.☆824Mar 12, 2026Updated 2 weeks ago
- Yet another registry parser☆137Apr 15, 2022Updated 3 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆15Aug 15, 2022Updated 3 years ago
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser☆45Mar 13, 2026Updated 2 weeks ago
- Windows Events Attack Samples☆2,531Jan 24, 2023Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- A config file that's curated for DFIR examiners with shortcuts to common Windows artifacts and settings enabled that help make your life …☆39Jan 6, 2025Updated last year
- This is a repository for reporting any issues in any of my software☆13May 15, 2018Updated 7 years ago
- ☆18Mar 28, 2023Updated 2 years ago
- ☆310Aug 14, 2020Updated 5 years ago
- Library and tools to access the Windows NT Registry File (REGF) format☆133Dec 19, 2025Updated 3 months ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆196Feb 16, 2023Updated 3 years ago