Alternatives and similar repositories for dumpit-linux:

Users that are interested in dumpit-linux are comparing it to the libraries listed below

• evild3ad / MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆584Updated 2 months ago
• LDO-CERT / orochi
  The Volatility Collaborative GUI
  ☆237Updated this week
• Digital-Forensics-Discord-Server / ArtifactParsers
  A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
  ☆56Updated 3 months ago
• RussianPanda95 / Yara-Rules
  Repository of Yara Rules
  ☆97Updated last month
• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆178Updated last year
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆87Updated 2 months ago
• Psmths / windows-forensic-artifacts
  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
  ☆314Updated 6 months ago
• Abyss-W4tcher / volatility3-symbols
  Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍
  ☆94Updated this week
• digitalsleuth / WIN-FOR
  Windows Forensics Environment Builder
  ☆127Updated last month
• forensicswiki / wiki
  Forensics Wiki, a wiki devoted to information about digital forensics (also known as computer forensics)
  ☆261Updated 8 months ago
• JPCERTCC / Windows-Symbol-Tables
  Windows symbol tables for Volatility 3
  ☆81Updated 7 months ago
• 100DaysofYARA / 2024
  Rules shared by the community from 100 Days of YARA 2024
  ☆83Updated last month
• evild3ad / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆224Updated 11 months ago
• mandiant / VM-Packages
  Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
  ☆164Updated this week
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆260Updated last year
• AndrewRathbun / VanillaWindowsReference
  A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …
  ☆152Updated 2 months ago
• EricZimmerman / MFTECmd
  Parses $MFT from NTFS file systems
  ☆216Updated 3 weeks ago
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆95Updated 7 months ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆97Updated 11 months ago
• strozfriedberg / sidr
  Search Index Database Reporter
  ☆102Updated 3 months ago
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆94Updated last year
• viper-framework / viper2
  File analysis and management framework.
  ☆80Updated last year
• Neo23x0 / YARA-Performance-Guidelines
  A guide on how to write fast and memory friendly YARA rules
  ☆135Updated this week
• Ahmed-AL-Maghraby / Windows-Registry-Analysis-Cheat-Sheet
  ☆155Updated last year
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆145Updated 4 months ago
• knez / defender-dump
  Dump quarantined files from Windows Defender
  ☆60Updated 2 years ago
• elastic / labs-releases
  Elastic Security Labs releases
  ☆57Updated 3 months ago
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆190Updated last week
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆65Updated last year
• forensicanalysis / artifactcollector
  🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
  ☆277Updated 2 weeks ago