Windows file metadata / forensic tool.
☆18Oct 12, 2025Updated 5 months ago
Alternatives and similar repositories for fmd
Users that are interested in fmd are comparing it to the libraries listed below
Sorting:
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 6 months ago
- Safe Rust API to libesedb☆12Sep 10, 2025Updated 6 months ago
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- lnk_parser is a full rust implementation to parse windows LNK files☆23Feb 17, 2026Updated last month
- A set of tools and procedures for automating NSM and NIDS deployments in AWS☆15Oct 16, 2020Updated 5 years ago
- Memory Scaner☆65Sep 9, 2022Updated 3 years ago
- Rust crate for accessing keys, values, and data stored in Windows hive (registry) files.☆53Jan 21, 2025Updated last year
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Jul 23, 2020Updated 5 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Jan 6, 2021Updated 5 years ago
- Scanner for certain IoCs☆11Jan 29, 2025Updated last year
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- Harvest Linux forensic data for operational triage of an event.☆51Nov 30, 2025Updated 3 months ago
- Remotely collect linux live forensics artifacts.☆14Jul 8, 2022Updated 3 years ago
- Scripts to help and speed up reversing activities☆13Jan 12, 2026Updated 2 months ago
- Jar2Exe extraction tool☆15Dec 28, 2022Updated 3 years ago
- Get the process name or process id on windows☆20Jun 1, 2025Updated 9 months ago
- ☆23Mar 17, 2024Updated 2 years ago
- Forensic framework to build tools that can be reused in multiple projects without changing anything☆31Updated this week
- A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.☆14Oct 21, 2021Updated 4 years ago
- Scripts and integrations for OSSEC☆41Mar 18, 2016Updated 10 years ago
- Simple PowerShell script to enable process scanning with Yara.☆98Oct 4, 2022Updated 3 years ago
- Programmatically access a TLS certificate chain in C++ and C#☆12Oct 27, 2018Updated 7 years ago
- Windows.EDB Browser☆60Mar 6, 2023Updated 3 years ago
- C# implementation of Out-Minidump.ps1☆10Jul 13, 2018Updated 7 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆66Jul 7, 2022Updated 3 years ago
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro…☆134Updated this week
- Incident Response documents and tooling☆113Dec 23, 2025Updated 3 months ago
- YARI is an interactive debugger for YARA Language.☆90Sep 10, 2025Updated 6 months ago
- Bro script module for detecting malware using domain generation algorithms.☆13Feb 22, 2018Updated 8 years ago
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆210Oct 19, 2020Updated 5 years ago
- defendA Data Lake. A firehose pipeline to athena providing enrichment and normalization for security events☆17Apr 19, 2023Updated 2 years ago
- A library to parse macOS FsEvents☆24Aug 28, 2022Updated 3 years ago
- Python Library for ConfigExtractor☆15Feb 24, 2026Updated 3 weeks ago
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more☆30Mar 10, 2026Updated last week
- Tools for macOS Forensic Bootable media☆16May 20, 2020Updated 5 years ago
- ☆11Aug 3, 2018Updated 7 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago