ArtifactExtractor
Artifact extractor
Extracts Windows artifacts from images and virtual machines
Extract common Windows artifacts from source images and VSCs
65 stars
7 watching
12 forks
Language: Python
last commit: over 3 years ago
Linked from 1 awesome list
dfirforensicswin4n6
cugu/awesome-forensicsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 forensicanalysis/artifactcollector | A tool to extract forensic artifacts from various operating systems | 270 |
 omenscan/achoir | A scripting framework to simplify the process of gathering forensic artifacts from Windows devices. | 183 |
 sekoialab/fastir_collector | A tool for collecting and analyzing Windows system artefacts on live systems | 506 |
 ydkhatri/macforensics | A collection of scripts to analyze and process macOS forensic artifacts. | 179 |
 forensicartifacts/artifacts | A repository of machine-readable digital forensic artifacts in YAML format, validated by Python code. | 1,062 |
 pstirparo/mac4n6 | A centralized collection of forensics artifacts locations for Mac OS X and iOS. | 326 |
 ownsecurity/fastir_artifacts | A tool for collecting forensic artifacts from live hosts across multiple operating systems. | 160 |
 stephenbrannon/iocextractor | Extracts and organizes Indicators of Compromise from unstructured text files into structured formats. | 135 |
 abdulrhmanalfaifi/fennec | Tool for collecting artifacts from *nix systems during incident response | 192 |
 inquest/iocextract | A tool to extract and deobfuscate IOCs from text corpora, allowing analysts to work with previously inaccessible data | 506 |
 dissectmalware/officeforensictools | A Python-based collection of tools for gathering forensic information from Office documents | 26 |
 navytitanium/fake-sandbox-artifacts | Creates artificial artifacts to evade malware detection and analysis | 250 |
 keydet89/regripper3.0 | A tool designed to extract and analyze data from Windows registry files | 557 |
 gleeda/memtriage | Analyze Windows machine RAM artifacts using Winpmem and Volatility | 218 |
 c404/sift_ex | An Elixir library for interacting with the SiftScience API to analyze transactions and user behavior | 13 |