VolDiff: Malware Memory Footprint Analysis based on Volatility
☆197Sep 12, 2017Updated 8 years ago
Alternatives and similar repositories for VolDiff
Users that are interested in VolDiff are comparing it to the libraries listed below
Sorting:
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49May 31, 2017Updated 8 years ago
- Web interface for the Volatility Memory Forensics Framework☆260Nov 21, 2017Updated 8 years ago
- Web App for Volatility framework☆390Jan 13, 2026Updated last month
- Differential Analysis of Malware in Memory☆216Apr 16, 2017Updated 8 years ago
- Windows Live Artifacts Acquisition Script☆190Jun 20, 2022Updated 3 years ago
- Malware Fragmentation Tool its a tool that simply fragment the PE file and it can disassemble the PE file, etc this tool very useful for…☆37Nov 22, 2015Updated 10 years ago
- Modified edition of cuckoo☆272Sep 9, 2019Updated 6 years ago
- Malware Analysis Tool using Function Level Fuzzy Hashing☆191Dec 19, 2015Updated 10 years ago
- A short and small memory forensics helper.☆52Oct 18, 2017Updated 8 years ago
- Incident Response Forensic Framework☆611Nov 20, 2019Updated 6 years ago
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆208Mar 12, 2025Updated 11 months ago
- C++ application that uses memory and code hooks to detect packers☆274Mar 5, 2018Updated 7 years ago
- Cuckoo Sandbox Local Maltego Transforms Project☆49Jul 2, 2014Updated 11 years ago
- onigiri - remote malware triage script☆24Nov 5, 2015Updated 10 years ago
- Configuration security audit framework☆21Apr 27, 2016Updated 9 years ago
- Small tool for disassembling shellcode (using objdump)☆149Jun 19, 2022Updated 3 years ago
- Rekall Memory Forensic Framework☆1,997Oct 18, 2020Updated 5 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆270Jun 15, 2021Updated 4 years ago
- A tool to detect and crash Cuckoo Sandbox☆297Jul 22, 2024Updated last year
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 10 years ago
- Honeypot Intelligence with Splunk☆256Oct 18, 2018Updated 7 years ago
- Simple framework to extract "actionable" data from Android malware (C&Cs, phone numbers etc.)☆112May 7, 2015Updated 10 years ago
- Static and automated/dynamic malware analysis☆47Sep 28, 2015Updated 10 years ago
- Comae Hibernation File Decompressor☆156Apr 1, 2023Updated 2 years ago
- Yet another AV evasion tool☆117Jan 3, 2022Updated 4 years ago
- Unpack MIME attachments from a file and check them against virustotal.com☆44Mar 11, 2016Updated 9 years ago
- ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.☆287May 24, 2016Updated 9 years ago
- Currently not updated for WMIEvent module...☆262Feb 23, 2016Updated 10 years ago
- Collection of IDA Pro plugins I wrote over the years☆24May 8, 2010Updated 15 years ago
- A tool to retrieve malware directly from the source for security researchers.☆563Jul 27, 2017Updated 8 years ago
- Modular file scanning/analysis framework☆622Oct 8, 2019Updated 6 years ago
- Various snippets created during malware analysis☆463Oct 3, 2025Updated 4 months ago
- Malicious HTTP traffic explorer☆724Mar 16, 2023Updated 2 years ago
- Automation for VirusTotal☆31May 6, 2016Updated 9 years ago
- Powershell tool to download malware samples.☆12Feb 10, 2016Updated 10 years ago
- Various scrips☆12Oct 19, 2022Updated 3 years ago
- Frontend for Codex Gigas☆21Mar 6, 2017Updated 8 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆439Feb 24, 2023Updated 3 years ago