Abyss-W4tcher / volatility3-symbols
Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis
★ 74 · Updated this week
Related projects
Alternatives and complementary repositories for volatility3-symbols
- Collection of Volatility2 profiles, generated against Linux kernels. (★ 30 · Updated this week)
- Memory acquisition for Linux that makes sense. (★ 155 · Updated last year)
- The Volatility Collaborative GUI (★ 227 · Updated this week)
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… (★ 140 · Updated 2 months ago)
- Windows symbol tables for Volatility 3 (★ 73 · Updated 4 months ago)
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts (★ 51 · Updated last week)
- Rules shared by the community from 100 Days of YARA 2024 (★ 78 · Updated 7 months ago)
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. (★ 94 · Updated last year)
- Harness the power of Splunk for your investigations (★ 77 · Updated this week)
- A centralized and enhanced memory analysis platform (★ 364 · Updated this week)
- DFIR project to collect and analyze events in Google Workspace (★ 13 · Updated 7 months ago)
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR (★ 544 · Updated 3 weeks ago)
- Automated YARA Rule Standardization and Quality Assurance Tool (★ 166 · Updated this week)
- A ProcessMonitor visualization application written in Rust. (★ 176 · Updated last year)
- Dump quarantined files from Windows Defender (★ 56 · Updated 2 years ago)
- Volatility3 Linux profiles (★ 26 · Updated this week)
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. (★ 146 · Updated this week)
- PowerDecode is a PowerShell-based tool that deobfuscates PowerShell scripts obfuscated across multiple layers. The tool performs… (★ 161 · Updated 6 months ago)
- The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically foc… (★ 42 · Updated 6 months ago)
- The Linux DFIR Collector is a stand-alone collection tool for GNU/Linux. Dumps artifacts in JSON format with very little impact on the hos… (★ 29 · Updated 2 years ago)
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor. (★ 144 · Updated this week)
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare … (★ 146 · Updated last month)
- Volatility Symbol Generator for Linux Kernels (★ 31 · Updated last year)
- Search Index Database Reporter (★ 90 · Updated 2 weeks ago)
- JPCERT/CC public YARA rules repository (★ 103 · Updated 5 months ago)
- Elastic Security Labs releases (★ 52 · Updated 3 weeks ago)
- Rapidly Search and Hunt through Linux Forensics Artifacts (★ 180 · Updated 10 months ago)
- Signatures and IoCs from public Volexity blog posts. (★ 320 · Updated last week)
- Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework. (★ 45 · Updated 2 years ago)