mkorman90 / regipyLinks
Regipy is an os independent python library for parsing offline registry hives
☆258Updated last month
Alternatives and similar repositories for regipy
Users that are interested in regipy are comparing it to the libraries listed below
Sorting:
- An NTFS/FAT parser for digital forensics & incident response☆206Updated 8 months ago
- Tool suite for inspecting NTFS artifacts.☆223Updated last year
- A modern Python-3-based alternative to RegRipper☆196Updated 4 months ago
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated 2 weeks ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆195Updated 4 months ago
- An AFF4 C++ implementation.☆206Updated 2 years ago
- ☆304Updated 4 years ago
- YARA malware query accelerator (web frontend)☆433Updated 4 months ago
- Yet another registry parser☆133Updated 3 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆205Updated 3 years ago
- Command line access to the Registry☆153Updated 2 weeks ago
- Python bindings for https://github.com/omerbenamram/evtx/☆50Updated 5 months ago
- ☆278Updated 2 years ago
- Parser for $LogFile on NTFS☆199Updated 2 months ago
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆327Updated 5 months ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆487Updated 2 weeks ago
- Set of Yara rules for finding files using magics headers☆138Updated 4 years ago
- A better strings utility!☆136Updated last month
- c2 traffic☆189Updated 2 years ago
- YARA Rules I come across on the internet☆346Updated last year
- Pure Python parser for Windows Registry hives.☆431Updated 6 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆170Updated 8 months ago
- Extract $MFT record info and log it to a csv file.☆274Updated 9 months ago
- The Volatility Collaborative GUI☆248Updated this week
- Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant☆237Updated 2 years ago
- Scripts to facilitate filtering with Plaso☆126Updated 5 years ago
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆125Updated 3 years ago
- ☆128Updated 6 months ago
- $MFT directory tree reconstruction & FILE record info☆307Updated 9 months ago
- Automatically create YARA rules from malicious documents.☆211Updated 3 years ago