ninoseki/eml_analyzer

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ninoseki/eml_analyzer)

ninoseki / eml_analyzer

An application to analyze the EML file

☆339

Alternatives and similar repositories for eml_analyzer

Users that are interested in eml_analyzer are comparing it to the libraries listed below

Sorting:

ninoseki / iocingestor
View on GitHub
An extendable tool to extract and aggregate IoCs from threat feeds
☆33Feb 6, 2024Updated 2 years ago
JPCERTCC / jpcert-yara
View on GitHub
JPCERT/CC public YARA rules repository
☆109Nov 14, 2025Updated 3 months ago
EFForg / yaya
View on GitHub
Yet Another Yara Automaton - Automatically curate open source yara rules and run scans
☆302Dec 27, 2023Updated 2 years ago
00010111 / gMetaDataParse
View on GitHub
☆24Mar 12, 2025Updated 11 months ago
wagga40 / Zircolite
View on GitHub
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
☆786Feb 22, 2026Updated last week
net-protect / google-fs-recover
View on GitHub
Google Filestream Forensic Tool
☆22Mar 10, 2022Updated 3 years ago
NVISOsecurity / evtx-hunter
View on GitHub
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
☆158Nov 30, 2021Updated 4 years ago
dfir-iris / iris-web
View on GitHub
Collaborative Incident Response platform
☆1,429Feb 16, 2026Updated 2 weeks ago
kacos2000 / Evtx_Log_Browser
View on GitHub
Evtx Log (xml) Browser
☆56Mar 12, 2023Updated 2 years ago
COSSAS / sacti
View on GitHub
SACTI - Securely aggregate CTI sightings and report them on MISP
☆14Oct 24, 2022Updated 3 years ago
theflakes / reg_hunter
View on GitHub
Blueteam operational triage registry hunting/forensic tool.
☆149Sep 2, 2025Updated 6 months ago
ahmedkhlief / APT-Hunter
View on GitHub
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …
☆1,402Nov 7, 2024Updated last year
target / halogen
View on GitHub
Automatically create YARA rules from malicious documents.
☆211May 16, 2022Updated 3 years ago
strontic / xcyclopedia
View on GitHub
Encyclopedia for Executables
☆471Nov 9, 2021Updated 4 years ago
zerber0s / mac_int
View on GitHub
macOS Artifact Intelligence Tool
☆13Apr 30, 2019Updated 6 years ago
ydkhatri / jarp
View on GitHub
Just Another broken Registry Parser (JARP)
☆16May 23, 2024Updated last year
jstrosch / subparse
View on GitHub
Modular malware analysis artifact collection and correlation framework
☆54Apr 23, 2024Updated last year
ninoseki / abuse_whois
View on GitHub
Yet another way to find where to report an abuse
☆31Jan 25, 2025Updated last year
cyberdefenders / email-header-analyzer
View on GitHub
E-Mail Header Analyzer
☆696Apr 11, 2023Updated 2 years ago
swisscom / Invoke-Forensics
View on GitHub
Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
☆118Nov 28, 2023Updated 2 years ago
WithSecureLabs / chainsaw
View on GitHub
Rapidly Search and Hunt through Windows Forensic Artefacts
☆3,460Updated this week
blueteam0ps / memOptix
View on GitHub
A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
☆97May 28, 2023Updated 2 years ago
kaansk / Go-MISPFeedGenerator
View on GitHub
Golang implementation of PyMISP-feedgenerator
☆18Jul 31, 2022Updated 3 years ago
LETHAL-FORENSICS / Collect-MemoryDump
View on GitHub
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
☆253Oct 29, 2025Updated 4 months ago
Yamato-Security / EnableWindowsLogSettings
View on GitHub
Documentation and scripts to properly enable Windows event logs.
☆672Oct 3, 2025Updated 5 months ago
alwashmi / MasterParser
View on GitHub
MasterParser is a simple, all-in-one, digital forensics artifact parser
☆24Jul 9, 2021Updated 4 years ago
secgroundzero / ossem_modular
View on GitHub
OSSEM Modular
☆27Jun 29, 2020Updated 5 years ago
muteb / Hoarder
View on GitHub
This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …
☆209Oct 19, 2020Updated 5 years ago
Yamato-Security / hayabusa
View on GitHub
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
☆3,037Feb 24, 2026Updated last week
Intrinsec / mplog_parser
View on GitHub
This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.
☆21Sep 30, 2022Updated 3 years ago
keydet89 / Events-Ripper
View on GitHub
Project based on RegRipper, to extract add'l value/pivot points from TLN events file
☆89Feb 9, 2025Updated last year
Hestat / calamity
View on GitHub
A script to assist in processing forensic RAM captures for malware triage
☆26Feb 4, 2021Updated 5 years ago
hashlookup / hashlookup-forensic-analyser
View on GitHub
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…
☆128Sep 24, 2023Updated 2 years ago
target / strelka
View on GitHub
Real-time, container-based file scanning at enterprise scale
☆977Updated this week
mdecrevoisier / EVTX-to-MITRE-Attack
View on GitHub
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
☆612Dec 8, 2025Updated 2 months ago
pe3zx / mthc
View on GitHub
All-in-one bundle of MISP, TheHive and Cortex
☆170Sep 27, 2022Updated 3 years ago
AndrewRathbun / DFIRMindMaps
View on GitHub
A repository of DFIR-related Mind Maps geared towards the visual learners!
☆549Sep 2, 2022Updated 3 years ago
invictus-ir / Microsoft-Extractor-Suite
View on GitHub
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
☆771Updated this week
CyberCX-DFIR / usnjrnl_rewind
View on GitHub
USN Journal full path builder
☆66Sep 16, 2024Updated last year