sumeshi / ntfsdump

Related projects: ⓘ

• sumeshi / ntfsfind
  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
  ☆19Updated 6 months ago
• ydkhatri / macOS_FE
  Tools for macOS Forensic Bootable media
  ☆15Updated 4 years ago
• mandiant / vbScript_deobfuscator
  Help deobfuscate VBScript
  ☆15Updated 2 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆29Updated 5 years ago
• EricZimmerman / Issues
  This is a repository for reporting any issues in any of my software
  ☆11Updated 6 years ago
• am0nsec / masm64
  Collection of structures, prototype and examples for Microsoft Macro Assembler (MASM) x64.
  ☆15Updated 4 years ago
• williballenthin / wevt_template
  extract and parse WEVT_TEMPLATEs from PE files
  ☆17Updated 8 months ago
• mandiant / win10_auto
  ☆23Updated 5 years ago
• msuhanov / ntfs-samples
  NTFS samples
  ☆24Updated 4 years ago
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆16Updated 4 months ago
• DissectMalware / pyxlsb2
  an Excel 2007+ Binary Workbook (xlsb) parser for Python
  ☆19Updated 2 years ago
• EricZimmerman / SDB
  Parse Microsoft shim databases
  ☆28Updated 2 weeks ago
• dr-anoroc / rawccopy
  Command line utility for copying files on NTFS using low level disk access
  ☆32Updated 5 months ago
• sumeshi / mft2es
  A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.
  ☆10Updated 4 months ago
• ignacioj / mftf
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆36Updated 2 months ago
• connormcgarr / Presentations
  ☆25Updated 9 months ago
• Dump-GUY / Invoke-DetectItEasy
  Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.
  ☆23Updated 2 years ago
• AndrewRathbun / VanillaWindowsRegistryHives
  A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…
  ☆44Updated last year
• packing-box / bintropy
  Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
  ☆38Updated 7 months ago
• mauronz / binja-emotet
  ☆18Updated 3 years ago
• elastic / die-python
  Native Python3 bindings for @horsicq's Detect-It-Easy
  ☆40Updated 2 weeks ago
• repnz / autoit-analysis
  AutoIt Analysis Library: Parser & Emulator For Malware Researchers
  ☆16Updated 5 years ago
• JPCERTCC / AutoYara4FLIRT
  ☆14Updated 8 months ago
• woanware / reg-entropy-scanner
  Scans through registry hives outputting entropy values for key/values, dumps binary contents to files...we are looking for those "fileles…
  ☆10Updated 5 years ago
• nasbench / procmon-malware-analysis-filters
  Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
  ☆13Updated 3 years ago
• secana / CertDump
  Dump certificates from PE files in different formats
  ☆36Updated 8 months ago
• tccontre / KnowledgeBase
  Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff
  ☆53Updated 4 months ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆49Updated 2 years ago
• EricZimmerman / RegistryPlugins
  ☆59Updated 2 months ago
• DissectMalware / xlrd2
  xlrd2 is a variant of xlrd that is actively maintained
  ☆23Updated last month