mandiant/ShimCacheParser external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mandiant/ShimCacheParser

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mandiant/ShimCacheParser)

Close

mandiant / ShimCacheParserView on GitHubMore

• External links
• Readme badge

☆279Apr 6, 2023Updated 3 years ago

Alternatives and similar repositories for ShimCacheParser

Users that are interested in ShimCacheParser are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• williballenthin / python-registry

  View on GitHub
  Pure Python parser for Windows Registry hives.
  ☆446Jan 27, 2025Updated last year
• mbevilacqua / appcompatprocessor

  View on GitHub
  "Evolving AppCompat/AmCache data analysis beyond grep"
  ☆212Sep 15, 2021Updated 4 years ago
• williballenthin / INDXParse

  View on GitHub
  Tool suite for inspecting NTFS artifacts.
  ☆227Nov 1, 2023Updated 2 years ago
• EricZimmerman / AppCompatCacheParser

  View on GitHub
  AppCompatCache (shimcache) parser. Supports Windows 7 (x86 and x64), Windows 8.x, and Windows 10, and Windows 11
  ☆129May 3, 2026Updated last month
• williballenthin / shellbags

  View on GitHub
  Cross-platform, open-source shellbag parser
  ☆160Jan 31, 2023Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• davidpany / WMI_Forensics

  View on GitHub
  ☆314Aug 14, 2020Updated 5 years ago
• log2timeline / plaso

  View on GitHub
  Super timeline all the things
  ☆2,088May 27, 2026Updated last week
• mandiant / Reversing

  View on GitHub
  ☆108Jul 18, 2017Updated 8 years ago
• mandiant / AuditParser

  View on GitHub
  AuditParser
  ☆60Aug 28, 2013Updated 12 years ago
• Invoke-IR / PowerForensics

  View on GitHub
  PowerForensics provides an all in one platform for live disk forensic analysis
  ☆1,435Nov 16, 2023Updated 2 years ago
• mandiant / ioc_writer

  View on GitHub
  ☆208May 3, 2023Updated 3 years ago
• williballenthin / EVTXtract

  View on GitHub
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆211Mar 12, 2025Updated last year
• orlikoski / CDQR

  View on GitHub
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆345Jun 25, 2022Updated 3 years ago
• williballenthin / python-evtx

  View on GitHub
  Pure Python parser for Windows Event Log files (.evtx)
  ☆771Mar 19, 2026Updated 2 months ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• davehull / Kansa

  View on GitHub
  A Powershell incident response framework
  ☆1,655Nov 22, 2022Updated 3 years ago
• rowingdude / analyzeMFT

  View on GitHub
  analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…
  ☆533Apr 27, 2026Updated last month
• JPCERTCC / aa-tools

  View on GitHub
  Artifact analysis tools by JPCERT/CC Analysis Center
  ☆464Aug 14, 2025Updated 9 months ago
• mandiant / iocs

  View on GitHub
  FireEye Publicly Shared Indicators of Compromise (IOCs)
  ☆470Jan 19, 2019Updated 7 years ago
• ThreatHuntingProject / ThreatHunting

  View on GitHub
  An informational repo about hunting for adversaries in your IT environment.
  ☆1,872Nov 17, 2021Updated 4 years ago
• woanware / usbdeviceforensics

  View on GitHub
  Python script for extracting USB information from Windows registry hives
  ☆130Aug 14, 2019Updated 6 years ago
• orlikoski / CyLR

  View on GitHub
  CyLR - Live Response Collection Tool
  ☆726Jun 1, 2022Updated 4 years ago
• PoorBillionaire / Windows-Prefetch-Parser

  View on GitHub
  Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
  ☆122May 29, 2024Updated 2 years ago
• mandiant / flare-wmi

  View on GitHub
  ☆434May 3, 2023Updated 3 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• TakahiroHaruyama / openioc_scan

  View on GitHub
  openioc_scan Volatility Framework plugin
  ☆44Feb 25, 2016Updated 10 years ago
• ForensicArtifacts / artifacts

  View on GitHub
  Digital Forensics artifact repository
  ☆1,238May 16, 2026Updated 3 weeks ago
• google / rekall

  View on GitHub
  Rekall Memory Forensic Framework
  ☆1,998Oct 18, 2020Updated 5 years ago
• bromiley / tools

  View on GitHub
  Various tools and scripts
  ☆43Nov 30, 2022Updated 3 years ago
• n3l5 / irFARTpull

  View on GitHub
  PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.
  ☆53Jan 25, 2018Updated 8 years ago
• Neo23x0 / ImpHash-Generator

  View on GitHub
  PE Import Hash Generator
  ☆79Jul 17, 2017Updated 8 years ago
• biggiesmallsAG / nightHawkResponse

  View on GitHub
  Incident Response Forensic Framework
  ☆610Nov 20, 2019Updated 6 years ago
• mandiant / Volatility-Plugins

  View on GitHub
  ☆84Jul 5, 2016Updated 9 years ago
• williballenthin / python-sdb

  View on GitHub
  Pure Python parser for Application Compatibility Shim Databases (.sdb files)
  ☆110Jan 26, 2021Updated 5 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• SekoiaLab / Fastir_Collector

  View on GitHub
  ☆520Jan 26, 2021Updated 5 years ago
• fireeye / RProxy

  View on GitHub
  ☆110Nov 21, 2013Updated 12 years ago
• armbues / ioc_parser

  View on GitHub
  Tool to extract indicators of compromise from security reports in PDF format
  ☆439Feb 24, 2023Updated 3 years ago
• woanware / autorunner

  View on GitHub
  Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing
  ☆55May 18, 2019Updated 7 years ago
• Infocyte / PSHunt

  View on GitHub
  Powershell Threat Hunting Module
  ☆291Sep 21, 2016Updated 9 years ago
• mkorman90 / VolatilityBot

  View on GitHub
  VolatilityBot – An automated memory analyzer for malware samples and memory dumps
  ☆268Jun 15, 2021Updated 4 years ago
• bigsnarfdude / Malware-Probabilistic-Data-Structres

  View on GitHub
  NSRL BloomFilter, Mandiant BloomFilter, Hyperloglog Malware Data Structure
  ☆15Mar 14, 2014Updated 12 years ago