mkorman90 / regipyLinks
Regipy is an os independent python library for parsing offline registry hives
☆261Updated 3 weeks ago
Alternatives and similar repositories for regipy
Users that are interested in regipy are comparing it to the libraries listed below
Sorting:
- An NTFS/FAT parser for digital forensics & incident response☆211Updated 10 months ago
- Tool suite for inspecting NTFS artifacts.☆224Updated last year
- A modern Python-3-based alternative to RegRipper☆196Updated 6 months ago
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated last month
- An AFF4 C++ implementation.☆211Updated 2 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆199Updated 6 months ago
- ☆304Updated 5 years ago
- Command line access to the Registry☆155Updated last month
- A better strings utility!☆142Updated last month
- Yet another registry parser☆136Updated 3 years ago
- Python bindings for https://github.com/omerbenamram/evtx/☆52Updated 7 months ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆205Updated 4 years ago
- YARA malware query accelerator (web frontend)☆434Updated last week
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆333Updated 7 months ago
- Parser for $LogFile on NTFS☆203Updated 4 months ago
- Set of Yara rules for finding files using magics headers☆140Updated 5 years ago
- ☆278Updated 2 years ago
- ☆150Updated last year
- YARA Rules I come across on the internet☆351Updated last year
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆175Updated 10 months ago
- Extract $MFT record info and log it to a csv file.☆278Updated 11 months ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆106Updated 4 months ago
- The Volatility Collaborative GUI☆252Updated this week
- Pure Python parser for Windows Registry hives.☆434Updated 8 months ago
- c2 traffic☆190Updated 2 years ago
- Automatically create YARA rules from malicious documents.☆212Updated 3 years ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆498Updated last month
- Scripts to facilitate filtering with Plaso☆127Updated 5 years ago
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.☆115Updated 8 months ago
- ☆128Updated 8 months ago