VolDiff: Malware Memory Footprint Analysis based on Volatility
☆197Sep 12, 2017Updated 8 years ago
Alternatives and similar repositories for VolDiff
Users that are interested in VolDiff are comparing it to the libraries listed below
Sorting:
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49May 31, 2017Updated 8 years ago
- Web interface for the Volatility Memory Forensics Framework☆259Nov 21, 2017Updated 8 years ago
- Web App for Volatility framework☆390Jan 13, 2026Updated 2 months ago
- Differential Analysis of Malware in Memory☆216Apr 16, 2017Updated 8 years ago
- Windows Live Artifacts Acquisition Script☆190Jun 20, 2022Updated 3 years ago
- Modified edition of cuckoo☆272Sep 9, 2019Updated 6 years ago
- Unpack MIME attachments from a file and check them against virustotal.com☆44Mar 11, 2016Updated 10 years ago
- A short and small memory forensics helper.☆52Oct 18, 2017Updated 8 years ago
- Malware Fragmentation Tool its a tool that simply fragment the PE file and it can disassemble the PE file, etc this tool very useful for…☆37Nov 22, 2015Updated 10 years ago
- Static and automated/dynamic malware analysis☆47Sep 28, 2015Updated 10 years ago
- Malware Analysis Tool using Function Level Fuzzy Hashing☆191Dec 19, 2015Updated 10 years ago
- onigiri - remote malware triage script☆24Nov 5, 2015Updated 10 years ago
- Incident Response Forensic Framework☆612Nov 20, 2019Updated 6 years ago
- Frontend for Codex Gigas☆21Mar 6, 2017Updated 9 years ago
- A tool to detect and crash Cuckoo Sandbox☆297Jul 22, 2024Updated last year
- Rekall Memory Forensic Framework☆1,999Oct 18, 2020Updated 5 years ago
- Cuckoo Sandbox Local Maltego Transforms Project☆49Jul 2, 2014Updated 11 years ago
- C++ application that uses memory and code hooks to detect packers☆275Mar 5, 2018Updated 8 years ago
- Autoruns plugin for the Volatility framework☆123Jul 18, 2019Updated 6 years ago
- A tool to retrieve malware directly from the source for security researchers.☆563Jul 27, 2017Updated 8 years ago
- Script to perform Linux Memory Diff Analysis Using Volatility☆24Sep 20, 2015Updated 10 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆269Jun 15, 2021Updated 4 years ago
- Automation for VirusTotal☆31May 6, 2016Updated 9 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Validate IOC from MISP ; Export results and iocs to SIEM and sensors using syslog and CEF format☆14Sep 13, 2016Updated 9 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆439Feb 24, 2023Updated 3 years ago
- Honeypot Intelligence with Splunk☆255Oct 18, 2018Updated 7 years ago
- Small tool for disassembling shellcode (using objdump)☆149Jun 19, 2022Updated 3 years ago
- List of scripts used for malware analysis☆15Aug 10, 2015Updated 10 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆209Mar 12, 2025Updated last year
- ☆16Jan 31, 2015Updated 11 years ago
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- Malcom - Malware Communications Analyzer☆1,165Nov 29, 2017Updated 8 years ago
- Some IR notes☆73Jul 23, 2016Updated 9 years ago
- Various snippets created during malware analysis☆464Oct 3, 2025Updated 5 months ago
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 10 years ago
- Comae Hibernation File Decompressor☆156Apr 1, 2023Updated 2 years ago
- Malicious HTTP traffic explorer☆723Mar 16, 2023Updated 3 years ago
- Honeybrid is a network application built to 1) administrate network of honeypots, and 2) transparently redirect live network sessions (TC…☆31Jan 8, 2019Updated 7 years ago