Memory acquisition for Linux that makes sense.
☆223Nov 21, 2023Updated 2 years ago
Alternatives and similar repositories for dumpit-linux
Users that are interested in dumpit-linux are comparing it to the libraries listed below
Sorting:
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆340Dec 3, 2025Updated 3 months ago
- AVML - Acquire Volatile Memory for Linux☆1,064Updated this week
- Search Index Database Reporter☆131Oct 28, 2025Updated 4 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆254Oct 29, 2025Updated 4 months ago
- This is to edit a training forensic image file (raw/dd) and zero out all the unnecessary files.☆11Jun 21, 2025Updated 8 months ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆701Oct 22, 2025Updated 4 months ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆118Nov 28, 2023Updated 2 years ago
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …☆1,255Updated this week
- Carves and recreates VSS catalog and store from Windows disk image.☆100Jan 24, 2023Updated 3 years ago
- Windows Forensics Salt States☆21Mar 11, 2026Updated last week
- A python script developed to process Windows memory images based on triage type.☆266Nov 25, 2023Updated 2 years ago
- The multi-platform memory acquisition tool.☆955Oct 14, 2025Updated 5 months ago
- Contains compiled binaries of Volatility☆36May 18, 2025Updated 10 months ago
- Android Logs Events And Protobuf Parser☆779Mar 12, 2026Updated last week
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- iOS Logs, Events, And Plist Parser☆1,033Mar 12, 2026Updated last week
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- Public script from SANS FOR509 Enterprise Cloud Incident Response☆226Oct 26, 2025Updated 4 months ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- USN Journal full path builder☆67Sep 16, 2024Updated last year
- The Volatility Collaborative GUI☆265Feb 11, 2026Updated last month
- Digital Forensic Investigative Scripts☆87Updated this week
- A series of python scripts to extract information from SQLite Data Files☆21Nov 15, 2025Updated 4 months ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆648Nov 7, 2025Updated 4 months ago
- RegRipper3.0☆687Dec 12, 2024Updated last year
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆79Oct 20, 2025Updated 5 months ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆79Jan 9, 2024Updated 2 years ago
- Volatility 3.0 development☆3,981Updated this week
- $MFT directory tree reconstruction & FILE record info☆325Oct 7, 2024Updated last year
- ☆152Jun 5, 2024Updated last year
- Returns Logs Events And Properties Parser☆125Dec 24, 2025Updated 2 months ago
- convert ELF/DWARF symbol and type information into vol3's intermediate JSON☆147Oct 9, 2024Updated last year
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆89Aug 29, 2023Updated 2 years ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆59Jun 24, 2025Updated 8 months ago
- Generate Volatility3 profiles from BTF.☆31Dec 21, 2024Updated last year
- A DFIR tool to collect artifacts on macOS☆56Mar 1, 2020Updated 6 years ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆93Sep 7, 2023Updated 2 years ago
- Windows Forensics Environment Builder☆180Dec 5, 2025Updated 3 months ago