williballenthin / python-registryLinks
Pure Python parser for Windows Registry hives.
☆433Updated 7 months ago
Alternatives and similar repositories for python-registry
Users that are interested in python-registry are comparing it to the libraries listed below
Sorting:
- ☆427Updated 2 years ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆491Updated 2 weeks ago
- ☆278Updated 2 years ago
- Regipy is an os independent python library for parsing offline registry hives☆259Updated 2 months ago
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆277Updated 3 years ago
- Tool suite for inspecting NTFS artifacts.☆224Updated last year
- A YARA-integrated process denial framework for Windows☆396Updated 5 years ago
- Volatility plugins developed and maintained by the community☆365Updated 4 years ago
- Pure Python parser for Windows Event Log files (.evtx)☆753Updated 2 months ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆426Updated 4 years ago
- ETW Python Library☆288Updated 2 years ago
- Yara integrated software to handle archive file data.☆315Updated 3 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆196Updated 5 months ago
- Web App for Volatility framework☆383Updated last month
- Malware Configuration And Payload Extraction☆760Updated 9 months ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆270Updated 4 years ago
- Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.☆505Updated last year
- ☆516Updated 4 years ago
- Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.☆206Updated 11 years ago
- YARA Rules I come across on the internet☆349Updated last year
- YARA malware query accelerator (web frontend)☆434Updated 5 months ago
- ☆303Updated 5 years ago
- Automatic Yara Rule Generation☆335Updated 9 years ago
- PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.☆613Updated 3 years ago
- Windows Live Artifacts Acquisition Script☆189Updated 3 years ago
- A modern Python-3-based alternative to RegRipper☆196Updated 4 months ago
- ☆205Updated 2 years ago
- Parse evtx files and detect use of the DanderSpritz eventlogedit module☆148Updated 7 years ago
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆332Updated 6 months ago
- Extract $MFT record info and log it to a csv file.☆276Updated 10 months ago