RealityNet / McAFuseLinks
Toolset to analyze disks encrypted with McAFee FDE technology
☆18Updated 4 years ago
Alternatives and similar repositories for McAFuse
Users that are interested in McAFuse are comparing it to the libraries listed below
Sorting:
- Carve files for MFT entries (eg. blkls output or memory dumps). Recovers filenames (long & short), timestamps ($STD & $FN) and data if re…☆21Updated 6 years ago
- ☆22Updated 4 years ago
- Carving tool based in Radare2 & Yara☆16Updated 6 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆16Updated last year
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Updated 3 years ago
- DFF (Digital Forensics Framework)☆10Updated 4 years ago
- Parser for Sdba memory pool tags☆18Updated 3 years ago
- The Multiplatform Linux Sandbox☆15Updated last year
- NTFS file system specimens☆13Updated last year
- ☆13Updated 9 years ago
- ☆23Updated 2 years ago
- isodump - ISO dump utility☆40Updated 5 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34Updated 4 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- Plugins for the Viper Framework☆14Updated 5 years ago
- Steezy - Ghetto Yara Generation☆15Updated 2 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆22Updated last year
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆24Updated 2 years ago
- Public repository for Red Canary Research☆37Updated 4 years ago
- ☆15Updated 3 years ago
- A set of tools for collecting forensic information☆26Updated 5 years ago
- Tool for analysis of Windows Prefetch files☆26Updated 6 years ago
- Yara rules☆21Updated 2 years ago
- ☆12Updated 3 years ago
- Google Chrome internals analysis using Volatility☆42Updated 2 years ago
- Speaking materials from conferences I've given☆9Updated 2 years ago
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python.☆13Updated 10 months ago
- Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control No…☆22Updated 5 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago