Immersive-Labs-Sec / volatility_pluginsLinks
Volatility 3 Plugins
☆21Updated 2 years ago
Alternatives and similar repositories for volatility_plugins
Users that are interested in volatility_plugins are comparing it to the libraries listed below
Sorting:
- JPCERT/CC public YARA rules repository☆110Updated 8 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 3 months ago
- Yara Rules for Modern Malware☆77Updated last year
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- Quick ESXi Log Parser☆24Updated this week
- YARA rule analyzer to improve rule quality and performance☆102Updated 4 months ago
- Initial triage of Windows Event logs☆102Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆97Updated 2 years ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- The core backend server handling API requests and task management☆44Updated 2 weeks ago
- ☆24Updated last year
- ShellSweeping the evil.☆53Updated last year
- Rules Shared by the Community from 100 Days of YARA 2023☆78Updated 2 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆113Updated 3 years ago
- Collection of scripts used to deobfuscate GOOTLOADER malware samples.☆63Updated 8 months ago
- Capture. Detonate. Collect☆14Updated 11 months ago
- ☆34Updated 2 years ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆32Updated 3 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- A home for detection content developed by the delivr.to team☆69Updated last week
- An exercise to practice deobfuscating PowerShell Scripts.☆26Updated 2 years ago
- ☆14Updated 2 years ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 3 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Updated last year
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆34Updated 2 weeks ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- Active C&C Detector☆155Updated last year