Alternatives and similar repositories for regipy

Users that are interested in regipy are comparing it to the libraries listed below

• airbus-cert / regrippy

  View on GitHub
  A modern Python-3-based alternative to RegRipper
  ☆205Mar 31, 2025Updated 10 months ago
• msuhanov / yarp

  View on GitHub
  Yet another registry parser
  ☆138Apr 15, 2022Updated 3 years ago
• williballenthin / python-registry

  View on GitHub
  Pure Python parser for Windows Registry hives.
  ☆440Jan 27, 2025Updated last year
• msuhanov / dfir_ntfs

  View on GitHub
  An NTFS/FAT parser for digital forensics & incident response
  ☆217Oct 31, 2025Updated 3 months ago
• orlikoski / CDQR

  View on GitHub
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆345Jun 25, 2022Updated 3 years ago
• AbdulRhmanAlfaifi / lnk_parser

  View on GitHub
  lnk_parser is a full rust implementation to parse windows LNK files
  ☆22Jul 12, 2025Updated 7 months ago
• ydkhatri / jarp

  View on GitHub
  Just Another broken Registry Parser (JARP)
  ☆16May 23, 2024Updated last year
• CrowdStrike / SuperMem

  View on GitHub
  A python script developed to process Windows memory images based on triage type.
  ☆264Nov 25, 2023Updated 2 years ago
• forensicanalysis / artifactcollector

  View on GitHub
  🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
  ☆305May 7, 2025Updated 9 months ago
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• omerbenamram / pyevtx-rs

  View on GitHub
  Python bindings for https://github.com/omerbenamram/evtx/
  ☆55Jan 3, 2026Updated last month
• ydkhatri / Appx-Analysis

  View on GitHub
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆19Feb 26, 2024Updated last year
• ANSSI-FR / bits_parser

  View on GitHub
  Extract BITS jobs from QMGR queue and store them as CSV records
  ☆73Feb 13, 2025Updated last year
• AndrewRathbun / DFIRArtifactMuseum

  View on GitHub
  The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…
  ☆645Nov 7, 2025Updated 3 months ago
• orlikoski / Skadi

  View on GitHub
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆504Oct 21, 2022Updated 3 years ago
• omerbenamram / evtx

  View on GitHub
  A Fast (and safe) parser for the Windows XML Event Log (EVTX) format
  ☆880Feb 6, 2026Updated last week
• orlikoski / CyLR

  View on GitHub
  CyLR - Live Response Collection Tool
  ☆708Jun 1, 2022Updated 3 years ago
• ArsenalRecon / SdbaParser

  View on GitHub
  Parser for Sdba memory pool tags
  ☆21Jul 16, 2021Updated 4 years ago
• zerber0s / mac_int

  View on GitHub
  macOS Artifact Intelligence Tool
  ☆13Apr 30, 2019Updated 6 years ago
• microsoft / avml

  View on GitHub
  AVML - Acquire Volatile Memory for Linux
  ☆1,053Feb 3, 2026Updated last week
• google / turbinia

  View on GitHub
  Automation and Scaling of Digital Forensics Tools
  ☆782Jan 15, 2026Updated 3 weeks ago
• jklepsercyber / defender-detectionhistory-parser

  View on GitHub
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆116Jan 26, 2022Updated 4 years ago
• yampelo / beagle

  View on GitHub
  Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
  ☆1,339Dec 13, 2022Updated 3 years ago
• DFIRKuiper / Kuiper

  View on GitHub
  Digital Forensics Investigation Platform
  ☆870Oct 12, 2024Updated last year
• Beercow / OneDriveExplorer

  View on GitHub
  OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…
  ☆228Jan 6, 2026Updated last month
• MarkBaggett / ese-analyst

  View on GitHub
  This is a set of tools for doing forensics analysis on Microsoft ESE databases.
  ☆128Jan 31, 2022Updated 4 years ago
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆778Feb 6, 2026Updated last week
• DFIR-ORC / dfir-orc

  View on GitHub
  Forensics artefact collection tool for systems running Microsoft Windows
  ☆431Mar 26, 2025Updated 10 months ago
• EricZimmerman / RECmd

  View on GitHub
  Command line access to the Registry
  ☆167Feb 5, 2026Updated last week
• pstirparo / utils

  View on GitHub
  Different DFIR and CTI utilities
  ☆38May 13, 2020Updated 5 years ago
• halpomeranz / dfis

  View on GitHub
  Digital Forensic Investigative Scripts
  ☆87Feb 6, 2026Updated last week
• ForensicArtifacts / artifacts

  View on GitHub
  Digital Forensics artifact repository
  ☆1,201Updated this week
• kacos2000 / Prefetch-Browser

  View on GitHub
  Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's
  ☆64Dec 18, 2024Updated last year
• log2timeline / dfvfs

  View on GitHub
  Digital Forensics Virtual File System (dfVFS)
  ☆217Updated this week
• theflakes / reg_hunter

  View on GitHub
  Blueteam operational triage registry hunting/forensic tool.
  ☆149Sep 2, 2025Updated 5 months ago
• dfirtrack / dfirtrack

  View on GitHub
  DFIRTrack - The Incident Response Tracking Application
  ☆532Jan 13, 2026Updated last month
• mkorman90 / sysmon-config-bypass-finder

  View on GitHub
  Detect possible sysmon logging bypasses given a specific configuration
  ☆111Dec 26, 2018Updated 7 years ago
• kacos2000 / Win10LiveInfo

  View on GitHub
  Windows 10 Live Information viewer
  ☆37Jan 27, 2022Updated 4 years ago
• pcbje / pyad1

  View on GitHub
  Python library for parsing AccessData AD1 images
  ☆33Jun 1, 2023Updated 2 years ago