Rurik / PE_Carver
Carves EXEs from given data files, using intelligent carving based upon PE headers
☆38Updated 7 years ago
Alternatives and similar repositories for PE_Carver:
Users that are interested in PE_Carver are comparing it to the libraries listed below
- Recurse through a registry, identifying values with large data -- a registry malware hunter☆44Updated 8 years ago
- ☆16Updated 10 years ago
- Volatility Plugins☆21Updated 9 years ago
- A tool to generate yara signatures from function blocks☆19Updated 10 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- Useful scripts, rules etc. for use with YARA☆27Updated 4 years ago
- Server for receiving autorun data from the clients☆13Updated 7 years ago
- ☆19Updated 6 years ago
- Carve Windows Prefetch files from arbitrary binary data☆14Updated 7 years ago
- RegRipper wrapper for simplified bulk parsing or registry hives☆9Updated 6 years ago
- Various scrips☆12Updated 2 years ago
- Command-line Interface for Binar.ly☆37Updated 8 years ago
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49Updated 7 years ago
- Automated memory forensics analysis☆33Updated 5 years ago
- A Volatility plugin for finding sqlite database rows☆22Updated 5 years ago
- Collection of my Python Scripts☆41Updated 4 years ago
- Some dfir stuff☆31Updated 3 years ago
- Force-Directed Graph Generator for Volatility Ouputs☆26Updated 6 years ago
- Tools☆13Updated 2 years ago
- Automation for VirusTotal☆31Updated 8 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 5 years ago
- onigiri - remote malware triage script☆24Updated 9 years ago
- Lite version of PDF X-RAY that uses no backend☆36Updated 13 years ago
- BSidesLV 2015 Exploit Kit Analysis Workshop Files☆27Updated 9 years ago
- a collection of yara rules for binary analysis☆24Updated 7 years ago
- a collection of public yara rules☆26Updated 5 years ago
- Frontend for Codex Gigas☆21Updated 8 years ago
- Volatility Plugin to scan for shimmed processes in Windows☆10Updated 9 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Updated 7 years ago
- Python tools for IOC (Indicator of Compromise) handling☆96Updated 3 years ago