JPCERTCC / Windows-Symbol-TablesLinks
Windows symbol tables for Volatility 3
☆86Updated 10 months ago
Alternatives and similar repositories for Windows-Symbol-Tables
Users that are interested in Windows-Symbol-Tables are comparing it to the libraries listed below
Sorting:
- Collection of Volatility2 profiles, generated against Linux kernels.☆43Updated 3 weeks ago
- RegRipper4.0☆50Updated last month
- Elastic Security Labs releases☆66Updated 2 weeks ago
- Volatility3 plugins developed and maintained by the community☆57Updated 2 years ago
- A small util to brute-force prefetch hashes☆77Updated 2 years ago
- Volatility Symbol Generator for Linux Kernels☆35Updated last year
- Cobalt Strike Beacon configuration extractor and parser.☆153Updated 3 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated last year
- Volatility, on Docker 🐳☆34Updated last month
- Use YARA rules on Time Travel Debugging traces☆90Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆240Updated 2 months ago
- YARA rule analyzer to improve rule quality and performance☆101Updated last month
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- volatility explorer☆90Updated 4 years ago
- A guide on how to write fast and memory friendly YARA rules☆144Updated 3 months ago
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍☆141Updated 3 weeks ago
- A collection of tools and detections for the Sliver C2 Frameworj☆126Updated 2 years ago
- Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…☆50Updated 5 years ago
- A ProcessMonitor visualization application written in rust.☆180Updated last year
- Generate Volatility3 profiles from BTF.☆23Updated 5 months ago
- yara detection rules for hunting with the threathunting-keywords project☆121Updated 3 weeks ago
- JPCERT/CC public YARA rules repository☆106Updated 5 months ago
- Evtx to Splunk ingestor☆15Updated 3 years ago
- Dump quarantined files from Windows Defender☆63Updated 3 years ago
- Parses amcache.hve files, but with a twist!☆136Updated 4 months ago
- Memory acquisition for Linux that makes sense.☆196Updated last year
- Initial triage of Windows Event logs☆99Updated 11 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆78Updated 3 weeks ago
- LILO based Pulse Secure appliance disk image decryptor☆13Updated last year
- Linpmem is a linux memory acquisition tool☆84Updated last year