Abyss-W4tcher / volatility2-profiles
Collection of Volatility2 profiles, generated against Linux kernels.
β33Updated this week
Alternatives and similar repositories for volatility2-profiles:
Users that are interested in volatility2-profiles are comparing it to the libraries listed below
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis πβ90Updated this week
- Windows symbol tables for Volatility 3β78Updated 6 months ago
- A collection of tools and detections for the Sliver C2 Frameworjβ115Updated last year
- Volatility, on Docker π³β31Updated 6 months ago
- Volatility3 Linux profilesβ29Updated 2 weeks ago
- Memory mapping profiles for forensic analysis using volatility 3β25Updated 2 years ago
- Collection of my volatility3 pluginsβ17Updated 4 months ago
- Volatility Symbol Generator for Linux Kernelsβ32Updated last year
- Memory mapping profiles for forensic analysis using volatility 2β46Updated 2 years ago
- Repository of Yara Rulesβ96Updated 2 weeks ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performsβ¦β165Updated 8 months ago
- PowerShell Script Analyzerβ67Updated last year
- Contains compiled binaries of Volatilityβ30Updated 3 months ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!β82Updated last year
- A ProcessMonitor visualization application written in rust.β176Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extracβ¦β145Updated 3 months ago
- Volatility 3 Pluginsβ19Updated 2 years ago
- Powershell Linterβ49Updated last month
- Rules shared by the community from 100 Days of YARA 2024β83Updated 2 weeks ago
- β20Updated last year
- RegRipper4.0β41Updated last year
- β111Updated last month
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hosβ¦β30Updated 2 years ago
- Python tool to check rootkits in Windows kernelβ180Updated 2 months ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files β¦β129Updated 5 months ago
- A specification and style guide for YARA rulesβ43Updated 11 months ago
- A repository of credential stealer formatsβ129Updated this week
- Harness the power of Splunk for your investigationsβ83Updated last month
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)β68Updated last year
- β36Updated 9 months ago