williballenthin / python-registryLinks
Pure Python parser for Windows Registry hives.
☆431Updated 6 months ago
Alternatives and similar repositories for python-registry
Users that are interested in python-registry are comparing it to the libraries listed below
Sorting:
- Regipy is an os independent python library for parsing offline registry hives☆259Updated last month
- ☆427Updated 2 years ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆487Updated 2 weeks ago
- ☆278Updated 2 years ago
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆277Updated 3 years ago
- Tool suite for inspecting NTFS artifacts.☆223Updated last year
- Commandline low level file extractor for NTFS☆294Updated 6 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆195Updated 4 months ago
- ETW Python Library☆288Updated last year
- Volatility plugins developed and maintained by the community☆365Updated 4 years ago
- ☆304Updated 4 years ago
- A YARA-integrated process denial framework for Windows☆396Updated 5 years ago
- Pure Python parser for Windows Event Log files (.evtx)☆751Updated last month
- PowerShell script for deobfuscating encoded PowerShell scripts☆425Updated 4 years ago
- Python bindings for The Sleuth Kit (libtsk)☆104Updated last week
- Allows you to quickly query a Windows machine for RAM artifacts☆220Updated 5 years ago
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆329Updated 6 months ago
- Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.☆502Updated last year
- YARA malware query accelerator (web frontend)☆434Updated 4 months ago
- Digital Forensics Virtual File System (dfVFS)☆210Updated last week
- Parser for $LogFile on NTFS☆199Updated 2 months ago
- A VBA p-code disassembler☆475Updated 4 years ago
- Yara integrated software to handle archive file data.☆315Updated 3 years ago
- Malware Configuration And Payload Extraction☆760Updated 8 months ago
- Extract $MFT record info and log it to a csv file.☆275Updated 10 months ago
- Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.☆206Updated 11 years ago
- Web App for Volatility framework☆383Updated 2 weeks ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆108Updated 4 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆119Updated last year
- Artifact analysis tools by JPCERT/CC Analysis Center☆461Updated last year