Alternatives and similar repositories for forensicsim

Users that are interested in forensicsim are comparing it to the libraries listed below

• Beercow / OneDriveExplorer

  View on GitHub
  OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…
  ☆228Jan 6, 2026Updated last month
• ydkhatri / jarp

  View on GitHub
  Just Another broken Registry Parser (JARP)
  ☆16May 23, 2024Updated last year
• ArsenalRecon / SdbaParser

  View on GitHub
  Parser for Sdba memory pool tags
  ☆21Jul 16, 2021Updated 4 years ago
• cclgroupltd / chrome-profile-view

  View on GitHub
  Python web app for previewing data in a Chrome Profile Folder
  ☆23Jul 1, 2024Updated last year
• CyberCX-DFIR / usnjrnl_rewind

  View on GitHub
  USN Journal full path builder
  ☆65Sep 16, 2024Updated last year
• mac4n6 / FSEventsParser

  View on GitHub
  Parser fo macOS/iOS FSEvents Logs
  ☆43May 6, 2024Updated last year
• 0xHasanM / Autopsy-Registry-Explorer

  View on GitHub
  Autopsy Module to analyze Registry Hives
  ☆15Feb 18, 2022Updated 3 years ago
• abrignoni / WLEAPP

  View on GitHub
  WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.
  ☆33Nov 16, 2023Updated 2 years ago
• kacos2000 / Prefetch-Browser

  View on GitHub
  Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's
  ☆64Dec 18, 2024Updated last year
• harelsegev / INDXRipper

  View on GitHub
  Carve file metadata from NTFS index ($I30) attributes
  ☆70Feb 3, 2024Updated 2 years ago
• Yamato-Security / suzaku

  View on GitHub
  Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
  ☆167Dec 7, 2025Updated 2 months ago
• bgrundy / cheatsheets-forensic

  View on GitHub
  Forensic cheatsheets for use with cheat
  ☆15Dec 2, 2021Updated 4 years ago
• dhondta / AppmemDumper

  View on GitHub
  Forensics triage tool relying on Volatility and Foremost
  ☆25Dec 3, 2023Updated 2 years ago
• kacos2000 / Evtx_Log_Browser

  View on GitHub
  Evtx Log (xml) Browser
  ☆56Mar 12, 2023Updated 2 years ago
• net-protect / google-fs-recover

  View on GitHub
  Google Filestream Forensic Tool
  ☆22Mar 10, 2022Updated 3 years ago
• khyrenz / parseusbs

  View on GitHub
  Parses USB connection artifacts from offline Registry hives
  ☆107Updated this week
• n0fate / walitean

  View on GitHub
  ☆35Aug 4, 2018Updated 7 years ago
• AndrewRathbun / DFIRRegex

  View on GitHub
  A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
  ☆107Nov 23, 2022Updated 3 years ago
• ydkhatri / spotlight_queries

  View on GitHub
  Queries for parsed spotlight database in sqlite
  ☆13Dec 29, 2020Updated 5 years ago
• Intrinsec / mplog_parser

  View on GitHub
  This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.
  ☆21Sep 30, 2022Updated 3 years ago
• gtworek / VolatileDataCollector

  View on GitHub
  ☆214Dec 2, 2025Updated 2 months ago
• kev365 / ToolFetcher

  View on GitHub
  A tool for fetching DFIR and other GitHub tools.
  ☆25Aug 2, 2025Updated 6 months ago
• SneakyNachos / MalwareAnalysisTraining

  View on GitHub
  Work in Progress repo
  ☆15Apr 18, 2019Updated 6 years ago
• ignacioj / mftf

  View on GitHub
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆38Jul 18, 2024Updated last year
• ufrisk / MemProcFS-plugins

  View on GitHub
  ☆62Oct 12, 2024Updated last year
• LETHAL-FORENSICS / Collect-MemoryDump

  View on GitHub
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆252Oct 29, 2025Updated 3 months ago
• 00010111 / gMetaDataParse

  View on GitHub
  ☆24Mar 12, 2025Updated 11 months ago
• S-RM / HELi

  View on GitHub
  Multicore EVTX to Elasticsearch ingestor for incident responders.
  ☆14May 12, 2021Updated 4 years ago
• Yamato-Security / takajo

  View on GitHub
  Takajō (鷹匠) is a Hayabusa results analyzer.
  ☆151Feb 1, 2026Updated 2 weeks ago
• Digital-Forensics-Discord-Server / GitHubLearningPlayground

  View on GitHub
  Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h…
  ☆14Jun 21, 2024Updated last year
• AmgdGocha / DriveFS-Sleuth

  View on GitHub
  DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…
  ☆87Dec 20, 2024Updated last year
• sumeshi / ntfsfind

  View on GitHub
  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
  ☆28Feb 21, 2024Updated last year
• nrvana / macOS-triage

  View on GitHub
  macOS triage is a python script to collect various macOS logs, artifacts, and other data.
  ☆25Mar 25, 2021Updated 4 years ago
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool

  View on GitHub
  Linux Baseline and Forensic Triage Tool - BETA
  ☆57Sep 8, 2022Updated 3 years ago
• Hestat / calamity

  View on GitHub
  A script to assist in processing forensic RAM captures for malware triage
  ☆26Feb 4, 2021Updated 5 years ago
• sumeshi / ntfsdump

  View on GitHub
  An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.
  ☆22Feb 21, 2024Updated last year
• mandiant / macos-UnifiedLogs

  View on GitHub
  A cross platform parser for Apple UnifiedLogs!
  ☆323Feb 1, 2026Updated last week
• CarlosLannister / awesome-autopsy-plugins

  View on GitHub
  A list of Autopsy awesome plugins.
  ☆76Jan 20, 2022Updated 4 years ago
• AndrewRathbun / DFIRPowerShellScripts

  View on GitHub
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆51Jan 9, 2026Updated last month