RegRippy is a framework for reading and extracting useful forensics data from Windows registry hives, developed in modern Python 3 as an alternative to RegRipper. It utilizes William Ballenthin's python-registry to access the raw registry hives, aiming to provide a framework for developing plugins in an incident response scenario.
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
A Mac OS X computer forensics tool for analyzing system artifacts, user files, and logs with reputation verification and log aggregation capabilities.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
Highlighter is a FireEye Market app that integrates with FireEye products to provide enhanced cybersecurity capabilities.
An anti-forensic kill-switch tool for USB ports to shut down the computer immediately in case of unauthorized access.
Toolkit for post-mortem analysis of Docker runtime environments using forensic HDD copies.