williballenthin / python-registry
Pure Python parser for Windows Registry hives.
☆428Updated 3 months ago
Alternatives and similar repositories for python-registry:
Users that are interested in python-registry are comparing it to the libraries listed below
- ☆429Updated last year
- ☆276Updated 2 years ago
- Volatility plugins developed and maintained by the community☆359Updated 4 years ago
- Regipy is an os independent python library for parsing offline registry hives☆255Updated last week
- Tool suite for inspecting NTFS artifacts.☆221Updated last year
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆474Updated 6 months ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆425Updated 4 years ago
- ETW Python Library☆281Updated last year
- A VBA parser and emulation engine to analyze malicious macros.☆1,086Updated 9 months ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆192Updated last month
- ☆507Updated 4 years ago
- Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.☆497Updated 11 months ago
- ☆302Updated 4 years ago
- Commandline low level file extractor for NTFS☆285Updated 5 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆221Updated 4 years ago
- A modern Python-3-based alternative to RegRipper☆194Updated 3 weeks ago
- An NTFS/FAT parser for digital forensics & incident response☆203Updated 5 months ago
- PowerShell Obfuscation Detection Framework☆735Updated last year
- A YARA-integrated process denial framework for Windows☆398Updated 5 years ago
- YARA malware query accelerator (web frontend)☆426Updated last month
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆278Updated 3 years ago
- Script for automating Linux memory capture and analysis☆269Updated 5 years ago
- Web App for Volatility framework☆380Updated 5 months ago
- A VBA p-code disassembler☆467Updated 3 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆109Updated 4 years ago
- Parser for $LogFile on NTFS☆193Updated last year
- Pure Python parser for Windows Event Log files (.evtx)☆738Updated 8 months ago
- Yet another registry parser☆132Updated 3 years ago
- Malware Configuration And Payload Extraction☆754Updated 5 months ago
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆313Updated 2 months ago