Hivex is a Windows Registry hive extraction library that allows users to read and write Windows Registry 'hive' binary files. It provides a C API and can export the hive as XML. The library is written in C and has bindings for OCaml, Perl, Python, and Ruby. It is licensed under LGPL v2.1. Hivex is a self-contained library that does not use the textual .REG format for output. Instead, it provides a C API and a separate program to export the hive as XML. The library is derived from several sources, including NTREG registry reader/writer library and dumphive, a BSD-licensed Pascal program. Hivex is designed to be more careful about handling error cases, corrupt and malicious registry files, and endianness compared to other libraries.
FEATURES
ALTERNATIVES
A library to access the Expert Witness Compression Format (EWF) for digital forensics and incident response.
Documentation project for Digital Forensics Artifact Repository
A tool for collecting and analyzing screenshots from remote desktop protocols, web applications, and VNC connections.
Python script to parse macOS MRU plist files into human-friendly format
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
Open source digital forensics tools for analyzing disk images and recovering files.
A tool for fixing acquired .evt Windows Event Log files in digital forensics.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.