MagnetForensics / dumpit-linuxLinks
Memory acquisition for Linux that makes sense.
☆196Updated last year
Alternatives and similar repositories for dumpit-linux
Users that are interested in dumpit-linux are comparing it to the libraries listed below
Sorting:
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆629Updated 2 months ago
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆64Updated 6 months ago
- Windows symbol tables for Volatility 3☆86Updated 10 months ago
- The Volatility Collaborative GUI☆243Updated this week
- A ProcessMonitor visualization application written in rust.☆180Updated last year
- Harness the power of Splunk for your investigations☆107Updated 3 weeks ago
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍☆141Updated 3 weeks ago
- Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!☆357Updated 9 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆240Updated 2 months ago
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…☆199Updated this week
- Parses $MFT from NTFS file systems☆243Updated last month
- Windows Forensics Environment Builder☆145Updated this week
- Parses amcache.hve files, but with a twist!☆136Updated 4 months ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆597Updated 2 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆223Updated this week
- Repository of Yara Rules☆111Updated last month
- A centralized and enhanced memory analysis platform☆463Updated 2 weeks ago
- Forensics Wiki, a wiki devoted to information about digital forensics (also known as computer forensics)☆278Updated last week
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆180Updated last week
- ☆131Updated last week
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆163Updated 6 months ago
- Collection of Volatility2 profiles, generated against Linux kernels.☆43Updated 3 weeks ago
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆180Updated this week
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆288Updated 3 weeks ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆313Updated 3 weeks ago
- Forensic Artifact Collection Tool Matrix☆85Updated 6 months ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆150Updated 8 months ago
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies☆101Updated last year
- Search Index Database Reporter☆110Updated 7 months ago