mandiant/ShimCacheParser external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mandiant/ShimCacheParser

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mandiant/ShimCacheParser)

Close

mandiant / ShimCacheParserView on GitHubMore

• External links
• Readme badge

☆278Apr 6, 2023Updated 3 years ago

Alternatives and similar repositories for ShimCacheParser

Users that are interested in ShimCacheParser are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• williballenthin / python-registry

  View on GitHub
  Pure Python parser for Windows Registry hives.
  ☆443Jan 27, 2025Updated last year
• mbevilacqua / appcompatprocessor

  View on GitHub
  "Evolving AppCompat/AmCache data analysis beyond grep"
  ☆208Sep 15, 2021Updated 4 years ago
• williballenthin / INDXParse

  View on GitHub
  Tool suite for inspecting NTFS artifacts.
  ☆226Nov 1, 2023Updated 2 years ago
• EricZimmerman / AppCompatCacheParser

  View on GitHub
  AppCompatCache (shimcache) parser. Supports Windows 7 (x86 and x64), Windows 8.x, and Windows 10, and Windows 11
  ☆127Jan 12, 2025Updated last year
• williballenthin / shellbags

  View on GitHub
  Cross-platform, open-source shellbag parser
  ☆159Jan 31, 2023Updated 3 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• davidpany / WMI_Forensics

  View on GitHub
  ☆312Aug 14, 2020Updated 5 years ago
• log2timeline / plaso

  View on GitHub
  Super timeline all the things
  ☆2,048Feb 10, 2026Updated last month
• mandiant / Reversing

  View on GitHub
  ☆108Jul 18, 2017Updated 8 years ago
• Invoke-IR / PowerForensics

  View on GitHub
  PowerForensics provides an all in one platform for live disk forensic analysis
  ☆1,429Nov 16, 2023Updated 2 years ago
• mandiant / AuditParser

  View on GitHub
  AuditParser
  ☆60Aug 28, 2013Updated 12 years ago
• mandiant / ioc_writer

  View on GitHub
  ☆208May 3, 2023Updated 2 years ago
• williballenthin / EVTXtract

  View on GitHub
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆210Mar 12, 2025Updated last year
• orlikoski / CDQR

  View on GitHub
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆343Jun 25, 2022Updated 3 years ago
• williballenthin / python-evtx

  View on GitHub
  Pure Python parser for Windows Event Log files (.evtx)
  ☆770Mar 19, 2026Updated 3 weeks ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• davehull / Kansa

  View on GitHub
  A Powershell incident response framework
  ☆1,643Nov 22, 2022Updated 3 years ago
• rowingdude / analyzeMFT

  View on GitHub
  analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…
  ☆531Aug 13, 2025Updated 7 months ago
• JPCERTCC / aa-tools

  View on GitHub
  Artifact analysis tools by JPCERT/CC Analysis Center
  ☆462Aug 14, 2025Updated 7 months ago
• mandiant / iocs

  View on GitHub
  FireEye Publicly Shared Indicators of Compromise (IOCs)
  ☆472Jan 19, 2019Updated 7 years ago
• ThreatHuntingProject / ThreatHunting

  View on GitHub
  An informational repo about hunting for adversaries in your IT environment.
  ☆1,858Nov 17, 2021Updated 4 years ago
• woanware / usbdeviceforensics

  View on GitHub
  Python script for extracting USB information from Windows registry hives
  ☆129Aug 14, 2019Updated 6 years ago
• orlikoski / CyLR

  View on GitHub
  CyLR - Live Response Collection Tool
  ☆722Jun 1, 2022Updated 3 years ago
• PoorBillionaire / Windows-Prefetch-Parser

  View on GitHub
  Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
  ☆122May 29, 2024Updated last year
• mandiant / flare-wmi

  View on GitHub
  ☆432May 3, 2023Updated 2 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• TakahiroHaruyama / openioc_scan

  View on GitHub
  openioc_scan Volatility Framework plugin
  ☆44Feb 25, 2016Updated 10 years ago
• ForensicArtifacts / artifacts

  View on GitHub
  Digital Forensics artifact repository
  ☆1,223Feb 11, 2026Updated last month
• google / rekall

  View on GitHub
  Rekall Memory Forensic Framework
  ☆2,001Oct 18, 2020Updated 5 years ago
• bromiley / tools

  View on GitHub
  Various tools and scripts
  ☆43Nov 30, 2022Updated 3 years ago
• n3l5 / irFARTpull

  View on GitHub
  PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.
  ☆52Jan 25, 2018Updated 8 years ago
• Neo23x0 / ImpHash-Generator

  View on GitHub
  PE Import Hash Generator
  ☆79Jul 17, 2017Updated 8 years ago
• mandiant / Volatility-Plugins

  View on GitHub
  ☆83Jul 5, 2016Updated 9 years ago
• biggiesmallsAG / nightHawkResponse

  View on GitHub
  Incident Response Forensic Framework
  ☆612Nov 20, 2019Updated 6 years ago
• williballenthin / python-sdb

  View on GitHub
  Pure Python parser for Application Compatibility Shim Databases (.sdb files)
  ☆110Jan 26, 2021Updated 5 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• SekoiaLab / Fastir_Collector

  View on GitHub
  ☆520Jan 26, 2021Updated 5 years ago
• fireeye / RProxy

  View on GitHub
  ☆109Nov 21, 2013Updated 12 years ago
• armbues / ioc_parser

  View on GitHub
  Tool to extract indicators of compromise from security reports in PDF format
  ☆440Feb 24, 2023Updated 3 years ago
• woanware / autorunner

  View on GitHub
  Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing
  ☆55May 18, 2019Updated 6 years ago
• Infocyte / PSHunt

  View on GitHub
  Powershell Threat Hunting Module
  ☆290Sep 21, 2016Updated 9 years ago
• mkorman90 / VolatilityBot

  View on GitHub
  VolatilityBot – An automated memory analyzer for malware samples and memory dumps
  ☆269Jun 15, 2021Updated 4 years ago
• orlikoski / Skadi

  View on GitHub
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆506Oct 21, 2022Updated 3 years ago