williballenthin / Autopsy-WindowsRegistryContentViewer

Related projects ⓘ

Alternatives and complementary repositories for Autopsy-WindowsRegistryContentViewer

• williballenthin / LfLe
  Recover event log entries from an image by heurisitically looking for record structures.
  ☆27Updated 9 years ago
• bonifield / volatilityGrapher
  Force-Directed Graph Generator for Volatility Ouputs
  ☆26Updated 5 years ago
• mdegrazia / Google-Analytic-Cookie-Cruncher
  Parse IE, FireFox, Chrome and Safari Cookies for Google Analytic values
  ☆23Updated 8 years ago
• mdegrazia / OnionPeeler
  Python script to batch query the Tor Relays and Bridges
  ☆36Updated 5 years ago
• MotiBa / ProcessMonitorAnalyzeMalware
  Script to parse Process Monitor XML log file, and give you a summary report.
  ☆23Updated 8 years ago
• lfcnassif / MultiContentViewer
  DataContentViewer module for Autopsy 3.1 to preview dozens of file types
  ☆28Updated 4 years ago
• AlmCo / Panorama
  Fast incident overview
  ☆39Updated 7 years ago
• jp-slackspace / x-tension-c-sharp
  An updated C# port of X-Ways X-Tensions API.
  ☆12Updated 6 years ago
• grayfold3d / POSH-Triage
  Tools for parsing Forensic images
  ☆41Updated 5 years ago
• woanware / reg-entropy-scanner
  Scans through registry hives outputting entropy values for key/values, dumps binary contents to files...we are looking for those "fileles…
  ☆11Updated 5 years ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆41Updated 6 years ago
• joswr1ght / nm2lp
  Convert Windows Netmon Monitor Mode Wireless Packet Captures to Libpcap Format
  ☆15Updated 5 years ago
• MatthewClarkMay / fTriage
  Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.
  ☆21Updated 5 years ago
• FSecureLABS / Athena
  GUI Tool to generate threat intelligence information in various formats
  ☆43Updated 6 years ago
• mdegrazia / Google-Analytic-Parser
  Parses for Google Analytic values in raw files like RAM, DD images etc.
  ☆18Updated 8 years ago
• Invoke-IR / PowerForensicsPortable
  ☆31Updated 4 years ago
• Silv3rHorn / ArtifactExtractor
  Extract common Windows artifacts from source images and VSCs
  ☆65Updated 3 years ago
• arieljt / VTSubmitter-Maltego
  A Maltego transform for VirusTotal Submitter Information
  ☆31Updated 5 years ago
• mattifestation / MSFTTraceMessageFormat
  All TMF files that I extracted from Microsoft PDBs.
  ☆12Updated 5 years ago
• woanware / wmi-parser
  Parses the WMI object database....looking for persistence
  ☆31Updated 4 years ago
• randomaccess3 / 4n6_stuff
  Git for me to put all my forensics stuff
  ☆21Updated 2 months ago
• davidhowell-tx / PS-DigitalForensics
  PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts
  ☆56Updated 4 years ago
• msuhanov / registry-miner
  Registry Miner
  ☆14Updated 6 years ago
• williballenthin / python-evt
  Pure Python parser for classic Windows Event Log files (.evt)
  ☆48Updated last year
• DissectMalware / PySameSame
  This is a python version of samesame repo to generate homograph strings
  ☆23Updated 6 years ago
• dfirfpi / decwindbx
  A sort of a toolkit to decrypt Dropbox Windows DBX files
  ☆30Updated 7 years ago
• JohnLaTwC / MacroJob
  Proof of concept VBA code to add to Normal.dot to put restrictions on Word
  ☆41Updated 7 years ago
• herrcore / punbup
  Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…
  ☆36Updated 6 years ago