Alternatives and similar repositories for gomft

Users that are interested in gomft are comparing it to the libraries listed below

• Velocidex / go-ntfs
  An NTFS file parser in Go
  ☆69Updated last month
• bi-zone / etw
  Go library for ETW (Event Tracing for Windows) events processing
  ☆65Updated 2 years ago
• Velocidex / oleparse
  Golang parser for OLE files
  ☆31Updated 2 months ago
• parsiya / golnk
  Golang package for parsing Windows shell link binary (lnk or Windows shortcut) files.
  ☆37Updated 2 years ago
• ShellCode33 / VM-Detection
  Linux and Windows VMs evasion fully written in Go
  ☆34Updated 6 months ago
• tHinqa / outside-windows
  Win32 API definitions for the Go language
  ☆32Updated 11 years ago
• Velocidex / go-pe
  A Portable Executable parser for Golang
  ☆47Updated 4 months ago
• hillu / go-ntdll
  Go interface to NTDLL functions
  ☆74Updated last year
• 0xrawsec / golang-etw
  ☆38Updated 2 years ago
• a-palchikov / wmi
  tiny wrapper around Windows Management Instrumentation API
  ☆13Updated 6 years ago
• 0xrawsec / golang-win32
  Golang wrappers functions to call Windows APIs
  ☆77Updated 2 years ago
• forensicanalysis / fslib
  📚 A collection of tools and libraries to parse filesystems, archives and other data types
  ☆20Updated 6 months ago
• Velocidex / go-ese
  Go implementation of an Extensible Storage Engine parser
  ☆29Updated 2 months ago
• nirhaas / gopacker
  UPX-like packer written in Go
  ☆72Updated 3 years ago
• FourCoreLabs / wintoken
  Mainpulate, Steal and Modify Windows Tokens in Go
  ☆74Updated last year
• hallazzang / syso
  tool for embedding various type of resources in go Windows executable
  ☆42Updated 5 years ago
• kirides / screencapture
  This repository has been moved to https://github.com/kirides/go-d3d
  ☆52Updated 2 years ago
• VirusTotal / gyp
  gyp: A pure Go YARA parser
  ☆107Updated last year
• castaneai / hinako
  x86 WinAPI hook written in pure Go
  ☆49Updated 5 years ago
• botherder / go-autoruns
  Collect autorun records from running system
  ☆60Updated 3 years ago
• tailscale / wf
  Package for controlling the Windows firewall (aka Windows Filtering Platform, WFP)
  ☆100Updated last year
• zaneGittins / go-inject
  Process injection techniques written in Go.
  ☆62Updated last year
• gentlemanautomaton / volmgmt
  Windows Volume Management libraries for the Go language
  ☆27Updated last month
• codeyourweb / irma
  enpoint detection / live analysis & sandbox host / signatures quality test
  ☆44Updated 4 years ago
• emperorcow / go-netscan
  ☆33Updated 4 years ago
• Binject / forger
  ☆20Updated 6 years ago
• abdullah2993 / go-runpe
  execute a PE in the address space of another PE aka process hollowing
  ☆55Updated 3 years ago
• neox41 / go-procinject
  Process Injection Techniques with Golang
  ☆77Updated 4 years ago
• jpillora / icmpscan
  ICMP scan all hosts across a given subnet in Go (golang)
  ☆29Updated 5 years ago
• NaniteFactory / gominhook
  MinHook binding for Go (Golang) with support for Windows API.
  ☆80Updated 5 years ago