williballenthin / python-registry
Pure Python parser for Windows Registry hives.
☆425Updated 8 months ago
Related projects: ⓘ
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆429Updated this week
- ☆415Updated last year
- Regipy is an os independent python library for parsing offline registry hives☆240Updated 3 weeks ago
- ☆271Updated last year
- YARA malware query accelerator (web frontend)☆407Updated this week
- Pure Python parser for Windows Event Log files (.evtx)☆718Updated last month
- ETW Python Library☆263Updated last year
- ☆375Updated this week
- Volatility plugins developed and maintained by the community☆339Updated 3 years ago
- Tool suite for inspecting NTFS artifacts.☆213Updated 10 months ago
- A YARA-integrated process denial framework for Windows☆395Updated 4 years ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,101Updated 9 months ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆416Updated 3 years ago
- ☆505Updated 3 years ago
- Commandline low level file extractor for NTFS☆272Updated 5 years ago
- YARA Rules I come across on the internet☆327Updated 5 months ago
- Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.☆202Updated 10 years ago
- ☆293Updated 4 years ago
- Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.☆479Updated 4 months ago
- Yara integrated software to handle archive file data.☆296Updated 2 years ago
- ☆708Updated last year
- PowerShell Obfuscation Detection Framework☆719Updated 9 months ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆263Updated 3 years ago
- PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.☆605Updated 2 years ago
- Repository of modules and signatures contributed by the community☆322Updated last year
- Artifact analysis tools by JPCERT/CC Analysis Center☆451Updated 2 months ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,044Updated 2 months ago
- Script for automating Linux memory capture and analysis☆263Updated 4 years ago
- Malware Configuration And Payload Extraction☆743Updated last year
- Windows registry file format specification☆319Updated 5 years ago