mkorman90 / regipyLinks
Regipy is an os independent python library for parsing offline registry hives
☆257Updated this week
Alternatives and similar repositories for regipy
Users that are interested in regipy are comparing it to the libraries listed below
Sorting:
- A modern Python-3-based alternative to RegRipper☆196Updated 2 months ago
- An AFF4 C++ implementation.☆202Updated 2 years ago
- ☆304Updated 4 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆205Updated 3 years ago
- YARA malware query accelerator (web frontend)☆431Updated 3 months ago
- ☆277Updated 2 years ago
- Tool suite for inspecting NTFS artifacts.☆223Updated last year
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated last week
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆195Updated 3 months ago
- An NTFS/FAT parser for digital forensics & incident response☆203Updated 7 months ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆424Updated 4 years ago
- Yet another registry parser☆132Updated 3 years ago
- Command line access to the Registry☆148Updated last month
- Pure Python parser for Windows Registry hives.☆430Updated 4 months ago
- C# based evtx parser with lots of extras☆313Updated 2 months ago
- The Volatility Collaborative GUI☆246Updated this week
- Set of Yara rules for finding files using magics headers☆137Updated 4 years ago
- ☆428Updated 2 years ago
- Tool Analysis Result Sheet☆354Updated 7 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆338Updated 2 years ago
- Live forensic artifacts collector☆167Updated 11 months ago
- Windows Live Artifacts Acquisition Script☆188Updated 3 years ago
- Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant☆236Updated 2 years ago
- Parser for $LogFile on NTFS☆196Updated 3 weeks ago
- Misc Threat Hunting Resources☆373Updated 2 years ago
- Scripts to facilitate filtering with Plaso☆126Updated 5 years ago
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆323Updated 4 months ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆376Updated 3 years ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆163Updated 7 months ago
- ☆148Updated last year