Alternatives and similar repositories for ip2geo

Users that are interested in ip2geo are comparing it to the libraries listed below

• philhagen / timeshift

  View on GitHub
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆21May 19, 2022Updated 3 years ago
• secgroundzero / ossem_modular

  View on GitHub
  OSSEM Modular
  ☆27Jun 29, 2020Updated 5 years ago
• zerber0s / mac_int

  View on GitHub
  macOS Artifact Intelligence Tool
  ☆13Apr 30, 2019Updated 6 years ago
• alwashmi / MasterParser

  View on GitHub
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆24Jul 9, 2021Updated 4 years ago
• devgc / GcLinkParser

  View on GitHub
  A GC link parser for both linkfiles and jumplists.
  ☆18Oct 28, 2016Updated 9 years ago
• jschicht / MftCarver

  View on GitHub
  Carve $MFT records from a chunk of data (for instance a memory dump)
  ☆16Aug 21, 2016Updated 9 years ago
• bsi-group / autorun-logger-server

  View on GitHub
  Server for receiving autorun data from the clients
  ☆13Sep 26, 2017Updated 8 years ago
• truekonrads / kpulp

  View on GitHub
  Konrads' Pen-Ultimate (Windows) Log File Parser
  ☆14Dec 27, 2025Updated last month
• AtomicGaryBusey / AzureForensics

  View on GitHub
  ☆33Oct 25, 2021Updated 4 years ago
• jklepsercyber / defender-detectionhistory-parser

  View on GitHub
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆116Jan 26, 2022Updated 4 years ago
• ydkhatri / Appx-Analysis

  View on GitHub
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆19Feb 26, 2024Updated last year
• blackbagtech / sleuthkit-APFS

  View on GitHub
  A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.
  ☆26Oct 27, 2019Updated 6 years ago
• tedhardyMSFT / EventLogUtilities

  View on GitHub
  Set of utilities for getting information about Windows Events
  ☆15Jun 5, 2018Updated 7 years ago
• ANSSI-FR / bits_parser

  View on GitHub
  Extract BITS jobs from QMGR queue and store them as CSV records
  ☆72Feb 13, 2025Updated last year
• AbdulRhmanAlfaifi / CryptnetURLCacheParser

  View on GitHub
  CryptnetURLCacheParser is a tool to parse CryptAPI cache files
  ☆20Aug 3, 2024Updated last year
• RandomRhythm / mal2csv

  View on GitHub
  Malformed Access Log to CSV - Convert Web Server Access Logs to CSV
  ☆18Sep 3, 2024Updated last year
• bgrundy / cheatsheets-forensic

  View on GitHub
  Forensic cheatsheets for use with cheat
  ☆15Dec 2, 2021Updated 4 years ago
• ArsenalRecon / SdbaParser

  View on GitHub
  Parser for Sdba memory pool tags
  ☆21Jul 16, 2021Updated 4 years ago
• ydkhatri / jarp

  View on GitHub
  Just Another broken Registry Parser (JARP)
  ☆16May 23, 2024Updated last year
• ppt0 / easyhunting

  View on GitHub
  Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way
  ☆19Jun 6, 2022Updated 3 years ago
• Recruit-CSIRT / macApfsMounter

  View on GitHub
  A small tool to easily mount APFS image on macOS for forensics.
  ☆16Jul 30, 2020Updated 5 years ago
• CrowdStrike / SuperMem

  View on GitHub
  A python script developed to process Windows memory images based on triage type.
  ☆264Nov 25, 2023Updated 2 years ago
• cbasnett / Log-Extractor

  View on GitHub
  ☆28Mar 29, 2022Updated 3 years ago
• dwmetz / PSHero

  View on GitHub
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆36Jul 11, 2023Updated 2 years ago
• memprocfshunt / MemProcFSHunter

  View on GitHub
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆45May 12, 2021Updated 4 years ago
• Rurik / Java_IDX_Parser

  View on GitHub
  Parses Java Cache IDX files
  ☆40Feb 28, 2018Updated 7 years ago
• net-protect / google-fs-recover

  View on GitHub
  Google Filestream Forensic Tool
  ☆22Mar 10, 2022Updated 3 years ago
• chaoticmachinery / mass_triage_tools

  View on GitHub
  Mass Triage Tools
  ☆20Dec 16, 2025Updated last month
• theAtropos4n6 / Partition-4DiagnosticParser

  View on GitHub
  Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.
  ☆20Nov 28, 2023Updated 2 years ago
• BushidoUK / Abused-Legitimate-Services

  View on GitHub
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Oct 28, 2022Updated 3 years ago
• ignacioj / mftf

  View on GitHub
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆38Jul 18, 2024Updated last year
• bfuzzy / ThreatHunter-Playbook

  View on GitHub
  A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
  ☆14Jul 18, 2018Updated 7 years ago
• tesorion / TCERT-Cumulonimbus-UAL_Extractor

  View on GitHub
  Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…
  ☆21Oct 25, 2023Updated 2 years ago
• bromiley / pollen

  View on GitHub
  pollen - A command-line tool for interacting with TheHive
  ☆36Jun 6, 2019Updated 6 years ago
• philhagen / sof-elk

  View on GitHub
  Configuration files for the SOF-ELK VM
  ☆1,715Jan 21, 2026Updated 3 weeks ago
• daguy666 / Transit

  View on GitHub
  MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.
  ☆20Feb 20, 2020Updated 5 years ago
• AndrewRathbun / KAPE-EZToolsAncillaryUpdater

  View on GitHub
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆59Jun 24, 2025Updated 7 months ago
• airbus-cert / regrippy

  View on GitHub
  A modern Python-3-based alternative to RegRipper
  ☆204Mar 31, 2025Updated 10 months ago
• strozfriedberg / QELP

  View on GitHub
  Quick ESXi Log Parser
  ☆28Oct 20, 2025Updated 3 months ago