JPCERTCC / Windows-Symbol-TablesLinks
Windows symbol tables for Volatility 3
☆87Updated 11 months ago
Alternatives and similar repositories for Windows-Symbol-Tables
Users that are interested in Windows-Symbol-Tables are comparing it to the libraries listed below
Sorting:
- Collection of Volatility2 profiles, generated against Linux kernels.☆43Updated this week
- Volatility Symbol Generator for Linux Kernels☆35Updated last year
- Volatility3 plugins developed and maintained by the community☆58Updated 2 years ago
- Volatility, on Docker 🐳☆34Updated 2 months ago
- Volatility3 Linux profiles☆48Updated 3 weeks ago
- Dump quarantined files from Windows Defender☆64Updated 3 years ago
- Use YARA rules on Time Travel Debugging traces☆91Updated last year
- RegRipper4.0☆52Updated last month
- Elastic Security Labs releases☆68Updated last week
- Cobalt Strike Beacon configuration extractor and parser.☆153Updated 3 years ago
- A small util to brute-force prefetch hashes☆77Updated 3 years ago
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍☆145Updated this week
- A collection of tools and detections for the Sliver C2 Frameworj☆127Updated 2 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆167Updated this week
- volatility explorer☆91Updated 4 years ago
- Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…☆50Updated 5 years ago
- Generate Volatility3 profiles from BTF.☆24Updated 6 months ago
- Powershell Linter☆61Updated last week
- A ProcessMonitor visualization application written in rust.☆181Updated last year
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆64Updated last month
- YARA rule analyzer to improve rule quality and performance☆102Updated 2 months ago
- Volatility 3 Plugins☆20Updated 2 years ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆31Updated 3 years ago
- Configuration Extractors for Malware☆106Updated 2 months ago
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…☆65Updated this week
- Rules shared by the community from 100 Days of YARA 2024☆85Updated 5 months ago
- ☆19Updated 2 years ago
- Parses amcache.hve files, but with a twist!☆136Updated 5 months ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated last year
- PowerShell Script Analyzer☆69Updated last year