Abyss-W4tcher / volatility2-profiles
Collection of Volatility2 profiles, generated against Linux kernels.
β30Updated last week
Related projects β
Alternatives and complementary repositories for volatility2-profiles
- Windows symbol tables for Volatility 3β72Updated 3 months ago
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis πβ70Updated last week
- A collection of tools and detections for the Sliver C2 Frameworjβ109Updated last year
- Volatility, on Docker π³β27Updated 4 months ago
- Volatility3 Linux profilesβ24Updated this week
- Volatility Symbol Generator for Linux Kernelsβ31Updated 11 months ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!β82Updated last year
- Memory mapping profiles for forensic analysis using volatility 2β45Updated 2 years ago
- Memory mapping profiles for forensic analysis using volatility 3β24Updated 2 years ago
- Collection of my volatility3 pluginsβ15Updated 2 months ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performsβ¦β160Updated 6 months ago
- shared samples from #dailyphish and/or #apt tweetsβ33Updated 3 weeks ago
- Contains compiled binaries of Volatilityβ29Updated 3 weeks ago
- Powershell Linterβ46Updated last month
- Malware Analysis toolsβ25Updated last month
- Repository of Yara Rulesβ88Updated 3 weeks ago
- This repo is all about Blue teamming and CyberDefenders Write-up for their DFIR challengesβ16Updated last year
- Volatility 3 Pluginsβ19Updated 2 years ago
- A ProcessMonitor visualization application written in rust.β176Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.β193Updated last year
- RegRipper4.0β39Updated last year
- PowerShell Script Analyzerβ65Updated last year
- Configuration Extractors for Malwareβ53Updated 3 weeks ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluationβ73Updated 3 months ago
- Use YARA rules on Time Travel Debugging tracesβ85Updated last year
- Some of my Malware Analysis writeups.β41Updated last year
- A small util to brute-force prefetch hashesβ73Updated 2 years ago
- β36Updated 7 months ago
- Linpmem is a linux memory acquisition toolβ74Updated 5 months ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files β¦β124Updated 3 months ago