MagnetForensics / dumpit-linuxLinks
Memory acquisition for Linux that makes sense.
☆201Updated last year
Alternatives and similar repositories for dumpit-linux
Users that are interested in dumpit-linux are comparing it to the libraries listed below
Sorting:
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆663Updated 2 weeks ago
- The Volatility Collaborative GUI☆248Updated last week
- RegRipper4.0☆58Updated 3 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆232Updated this week
- A ProcessMonitor visualization application written in rust.☆181Updated 2 years ago
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆190Updated this week
- Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!☆374Updated 11 months ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆198Updated last year
- ☆141Updated 2 weeks ago
- Windows Forensics Environment Builder☆156Updated 3 weeks ago
- Parses $MFT from NTFS file systems☆255Updated 3 months ago
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…☆208Updated last month
- Dump quarantined files from Windows Defender☆64Updated 3 years ago
- Forensics Wiki, a wiki devoted to information about digital forensics (also known as computer forensics)☆285Updated this week
- Windows symbol tables for Volatility 3☆88Updated last year
- A python script developed to process Windows memory images based on triage type.☆263Updated last year
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆67Updated 8 months ago
- $MFT directory tree reconstruction & FILE record info☆307Updated 10 months ago
- Repository of Yara Rules☆114Updated 3 months ago
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍☆174Updated last month
- Elastic Security Labs releases☆78Updated last month
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆245Updated 4 months ago
- MacOS forensic acquisition made simple☆165Updated last week
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆77Updated last week
- Rules shared by the community from 100 Days of YARA 2024☆84Updated 7 months ago
- ☆203Updated 9 months ago
- A centralized and enhanced memory analysis platform☆481Updated 3 weeks ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆170Updated 8 months ago
- A GUI and CLI tool for removing bloat from executables☆410Updated last month
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆291Updated 3 months ago