☆62Oct 12, 2024Updated last year
Alternatives and similar repositories for MemProcFS-plugins
Users that are interested in MemProcFS-plugins are comparing it to the libraries listed below
Sorting:
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Conference Presentations☆44Feb 17, 2020Updated 6 years ago
- Parser fo macOS/iOS FSEvents Logs☆43May 6, 2024Updated last year
- Python web app for previewing data in a Chrome Profile Folder☆24Jul 1, 2024Updated last year
- Documentation repository☆48Feb 11, 2026Updated last month
- ☆21May 8, 2022Updated 3 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆56Jul 2, 2023Updated 2 years ago
- ☆24Mar 12, 2025Updated last year
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆14Aug 11, 2023Updated 2 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!☆17Aug 31, 2024Updated last year
- ☆23Oct 9, 2024Updated last year
- ☆51Nov 25, 2025Updated 3 months ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Linux Baseline and Forensic Triage Tool - BETA☆57Mar 10, 2026Updated last week
- ☆12Jun 3, 2022Updated 3 years ago
- LeechCore - Physical Memory Acquisition Library & The LeechAgent Remote Memory Acquisition Agent☆852Feb 14, 2026Updated last month
- Windows symbol tables for Volatility 3☆93Jul 11, 2024Updated last year
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆107Mar 12, 2026Updated last week
- Yet another registry parser☆137Apr 15, 2022Updated 3 years ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 3 years ago
- CyberChef update scripts in PowerShell & Bash☆18Apr 22, 2024Updated last year
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆64Dec 18, 2024Updated last year
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆701Oct 22, 2025Updated 4 months ago
- Digital Forensic Investigative Scripts☆87Updated this week
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Praser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery …☆21Jul 18, 2023Updated 2 years ago
- A Windows Event Log MCP☆42Aug 25, 2025Updated 6 months ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆27Jan 2, 2023Updated 3 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 7 years ago
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆38Mar 25, 2024Updated last year
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆254Oct 29, 2025Updated 4 months ago
- ☆17Jan 21, 2026Updated last month
- MemProcFS☆4,042Mar 2, 2026Updated 2 weeks ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.☆23Oct 31, 2018Updated 7 years ago
- Plugins related to LeechCore☆47Oct 5, 2025Updated 5 months ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆45May 12, 2021Updated 4 years ago
- Windows 10 Live Information viewer☆38Jan 27, 2022Updated 4 years ago