ETW forensic tool for Volatility3 plugin
☆17Nov 15, 2024Updated last year
Alternatives and similar repositories for etw-scan
Users that are interested in etw-scan are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆12May 3, 2026Updated 2 weeks ago
- Generate Volatility3 profiles from BTF.☆33Dec 21, 2024Updated last year
- Windows symbol tables for Volatility 3☆94Jul 11, 2024Updated last year
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12May 11, 2026Updated last week
- An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.☆22Apr 14, 2026Updated last month
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A collection of content for blue team professionals, designed to support both reactive and proactive cybersecurity measures of every aspe…☆33Apr 2, 2026Updated last month
- An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.☆28Apr 14, 2026Updated last month
- USN Journal full path builder☆69Apr 16, 2026Updated last month
- An exercise to practice deobfuscating PowerShell Scripts.☆26Feb 10, 2023Updated 3 years ago
- A curated list of Hardware Hacking resources☆12Apr 14, 2020Updated 6 years ago
- r2con 2020 CTF kernel challenge☆12Sep 13, 2020Updated 5 years ago
- Sample implementation for OIDC with FastAPI and Authlib.☆20Dec 1, 2022Updated 3 years ago
- Archive of challenges @ Flatt Security Mini CTFs☆19Aug 20, 2025Updated 9 months ago
- rpv is a v library for analyzing RPC servers and interfaces on the Windows operating system☆39Nov 21, 2025Updated 6 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A summary of NSO Group/Circles documents, research and media clippings.☆12Apr 13, 2024Updated 2 years ago
- ☆12Jun 3, 2022Updated 3 years ago
- Build wordlists from the common-crawl index☆12Oct 9, 2022Updated 3 years ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆94Sep 7, 2023Updated 2 years ago
- Malware analysis and Reverse Engineering Workshops from Invoke RE☆15Jun 30, 2024Updated last year
- CVE-2025-22457: Python Exploit POC Scanner to Detect Ivanti Connect Secure RCE☆19Apr 17, 2025Updated last year
- A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)☆19Aug 18, 2023Updated 2 years ago
- Stand-alone copy of Androguard from http://code.google.com/p/androguard/☆16Mar 13, 2014Updated 12 years ago
- A no-reboot, in-memory Linux persistence PoC leveraging namespace joining, user-namespace elevation, and self‑deletion.☆65Aug 6, 2025Updated 9 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Python CLI covering the FileScan.IO API - enabling automatic interaction with www.filescan.io or private instances☆19Jul 15, 2025Updated 10 months ago
- User-friendly reference finder in IDA☆39Dec 17, 2022Updated 3 years ago
- Tool to start processes as SYSTEM using token duplication☆37Oct 27, 2020Updated 5 years ago
- Collaborative Reverse Engineering plugin for IDA Pro & Hex-Rays☆56Apr 21, 2026Updated last month
- Tools once available from McAfee but are no longer☆14May 9, 2024Updated 2 years ago
- MCP Server for Cutter☆28Aug 2, 2025Updated 9 months ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- BBC Micro Acorn DFS floppy disk image maintenance utility☆14Feb 20, 2021Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Active C2 IoCs☆99Nov 28, 2022Updated 3 years ago
- REplicated STORagE☆13Mar 23, 2023Updated 3 years ago
- A Simple CLI App to mark all EXCEL sheets visible (i.e. sets "Very Hidden" and "Hidden" to "Visible")☆11Apr 16, 2020Updated 6 years ago
- AVX-2 vectorised 8-bit positional popcount for Go☆23Aug 28, 2020Updated 5 years ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 7 months ago
- This is the LLM integration app that contains the vulnerability; please use it to verify the vulnerability of the LLM integration app.☆77May 4, 2026Updated 2 weeks ago
- ☆11May 2, 2026Updated 2 weeks ago