Alternatives and similar repositories for ntfsdump

Users that are interested in ntfsdump are comparing it to the libraries listed below

• sumeshi / ntfsfind
  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
  ☆27Updated last year
• sumeshi / mft2es
  A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.
  ☆11Updated 4 months ago
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆28Updated 3 weeks ago
• memoryforensics1 / VolExp
  volatility explorer
  ☆92Updated 4 years ago
• herosi / triage-collector
  ☆23Updated last year
• ufrisk / MemProcFS-plugins
  ☆61Updated last year
• stairwell-inc / threat-research
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆23Updated last year
• msuhanov / ntfs-samples
  NTFS samples
  ☆25Updated 5 years ago
• tccontre / KnowledgeBase
  Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff
  ☆57Updated last month
• DissectMalware / yaradbg-backend
  ☆25Updated last year
• DissectMalware / xlrd2
  xlrd2 is a variant of xlrd that is actively maintained
  ☆23Updated last year
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆33Updated 6 years ago
• mandiant / vbScript_deobfuscator
  Help deobfuscate VBScript
  ☆16Updated 3 years ago
• ydkhatri / macOS_FE
  Tools for macOS Forensic Bootable media
  ☆15Updated 5 years ago
• GDATASoftwareAG / TypeRefHasher
  CLI tool to compute the TypeRefHash for .NET binaries.
  ☆19Updated 3 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆80Updated last month
• EricZimmerman / OleCf
  Library to process OLE compound file format. This is a work in progress and was initially written for jumplist parsing (for which it does…
  ☆19Updated 9 months ago
• AndrewRathbun / VanillaWindowsRegistryHives
  A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…
  ☆48Updated last week
• williballenthin / viv-utils
  Utilities for working with vivisect
  ☆25Updated last month
• memprocfshunt / MemProcFSHunter
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆44Updated 4 years ago
• aff4 / aff4-cpp-lite
  A lightweight C++/C AFF4 reader library
  ☆14Updated 2 years ago
• ignacioj / mftf
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆38Updated last year
• avast / yls
  YARA Language Server
  ☆74Updated 3 weeks ago
• avast / yarang
  Alternative YARA scanning engine
  ☆73Updated 3 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆32Updated 5 years ago
• tbarabosch / apihash_to_yara
  Generates YARA rules to detect malware using API hashing
  ☆17Updated 4 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆36Updated 2 years ago
• nasbench / procmon-malware-analysis-filters
  Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
  ☆19Updated 5 years ago
• JPCERTCC / etw-scan
  ETW forensic tool for Volatility3 plugin
  ☆16Updated 11 months ago
• 5ha0 / fortools
  ☆14Updated 5 years ago