Alternatives and similar repositories for python-registry:

Users that are interested in python-registry are comparing it to the libraries listed below

• mandiant / flare-wmi
  ☆422Updated last year
• mkorman90 / regipy
  Regipy is an os independent python library for parsing offline registry hives
  ☆252Updated 2 months ago
• mandiant / ShimCacheParser
  ☆275Updated last year
• williballenthin / INDXParse
  Tool suite for inspecting NTFS artifacts.
  ☆218Updated last year
• rowingdude / analyzeMFT
  analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…
  ☆461Updated 4 months ago
• davidpany / WMI_Forensics
  ☆297Updated 4 years ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆219Updated 4 years ago
• danielbohannon / Revoke-Obfuscation
  PowerShell Obfuscation Detection Framework
  ☆729Updated last year
• jschicht / RawCopy
  Commandline low level file extractor for NTFS
  ☆280Updated 5 years ago
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆192Updated 4 years ago
• CERT-Polska / mquery
  YARA malware query accelerator (web frontend)
  ☆421Updated this week
• airbus-cert / regrippy
  A modern Python-3-based alternative to RegRipper
  ☆192Updated 2 months ago
• volatilityfoundation / community
  Volatility plugins developed and maintained by the community
  ☆354Updated 3 years ago
• R3MRUM / PSDecode
  PowerShell script for deobfuscating encoded PowerShell scripts
  ☆424Updated 4 years ago
• MarkBaggett / srum-dump
  A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.
  ☆603Updated 3 months ago
• mkorman90 / VolatilityBot
  VolatilityBot – An automated memory analyzer for malware samples and memory dumps
  ☆264Updated 3 years ago
• williballenthin / python-evtx
  Pure Python parser for Windows Event Log files (.evtx)
  ☆734Updated 6 months ago
• fireeye / pywintrace
  ETW Python Library
  ☆276Updated last year
• MalwareCantFly / Vba2Graph
  Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.
  ☆276Updated 3 years ago
• JPCERTCC / MalConfScan
  Volatility plugin for extracts configuration data of known malware
  ☆487Updated last year
• SekoiaLab / Fastir_Collector
  ☆507Updated 4 years ago
• decalage2 / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆1,072Updated 7 months ago
• Rurik / Noriben
  Noriben - Portable, Simple, Malware Analysis Sandbox
  ☆1,139Updated last year
• BayshoreNetworks / yextend
  Yara integrated software to handle archive file data.
  ☆305Updated 2 years ago
• MITRECND / chopshop
  Protocol Analysis/Decoder Framework
  ☆491Updated 2 years ago
• Velocidex / c-aff4
  An AFF4 C++ implementation.
  ☆195Updated last year
• py4n6 / pytsk
  Python bindings for The Sleuth Kit (libtsk)
  ☆94Updated 2 months ago
• OMENScan / AChoir
  Windows Live Artifacts Acquisition Script
  ☆186Updated 2 years ago
• kevthehermit / VolUtility
  Web App for Volatility framework
  ☆379Updated 2 months ago
• ctxis / CAPE
  Malware Configuration And Payload Extraction
  ☆751Updated 2 months ago