Alternatives and similar repositories for ntfsdump

Users that are interested in ntfsdump are comparing it to the libraries listed below

• sumeshi / ntfsfind
  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
  ☆26Updated last year
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆24Updated 7 months ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆48Updated 2 months ago
• repnz / rpcmon
  RPC Monitor based on The ETW Microsoft-Windows-Rpc provider
  ☆24Updated 5 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• yardenshafir / conference_talks
  Slides from various conference talks
  ☆36Updated last year
• libyal / libfwevt
  Library for Windows XML Event Log (EVTX) data types
  ☆18Updated 7 months ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆33Updated last year
• connormcgarr / Presentations
  ☆28Updated 6 months ago
• skelsec / aiowinreg
  Registry hive parsing the async way
  ☆21Updated 2 months ago
• ydkhatri / macOS_FE
  Tools for macOS Forensic Bootable media
  ☆15Updated 4 years ago
• ufrisk / MemProcFS-plugins
  ☆54Updated 7 months ago
• Dump-GUY / Python3---Binary-Data-Manipulation
  Python 3 - Manipulation and conversation with different data type (Bytes operations)
  ☆26Updated 3 years ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 4 years ago
• Harvester57 / CodeIntegrity-DriverBlocklist
  ☆20Updated last week
• PwCUK-CTO / ScatterBee_Analysis
  Scripts to aid analysis of files obfuscated with ScatterBee.
  ☆20Updated 2 years ago
• ArsenalRecon / SdbaParser
  Parser for Sdba memory pool tags
  ☆18Updated 3 years ago
• CERT-Polska / karton-config-extractor
  Static configuration extractor for the Karton framework
  ☆10Updated 4 months ago
• SafeBreach-Labs / CoWTools
  Tools for analyzing Windows containers and break container's isolation
  ☆31Updated 2 years ago
• mandiant / vbScript_deobfuscator
  Help deobfuscate VBScript
  ☆15Updated 2 years ago
• DissectMalware / yaradbg-backend
  ☆25Updated last year
• zodiacon / AccessMask
  ☆20Updated 5 years ago
• williballenthin / viv-utils
  Utilities for working with vivisect
  ☆25Updated 2 months ago
• avast / authenticode-parser
  Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.
  ☆18Updated last year
• mandiant / win10_auto
  ☆24Updated 5 years ago
• waleedassar / SyscallNumberFinder
  ☆33Updated 3 years ago
• joxeankoret / deeptoad
  DeepToad is a library and a tool to clusterize similar files using fuzzy hashing
  ☆20Updated 5 years ago
• Cisco-Talos / Windows-drivers-GDT-file
  Ghidra data type archive for Windows driver analysis
  ☆22Updated 7 months ago
• DissectMalware / xlrd2
  xlrd2 is a variant of xlrd that is actively maintained
  ☆23Updated 9 months ago