Rurik / PE_CarverLinks
Carves EXEs from given data files, using intelligent carving based upon PE headers
☆39Updated 8 years ago
Alternatives and similar repositories for PE_Carver
Users that are interested in PE_Carver are comparing it to the libraries listed below
Sorting:
- Carve Windows Prefetch files from arbitrary binary data☆15Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- A tool to generate yara signatures from function blocks☆19Updated 10 years ago
- ☆16Updated 10 years ago
- Recurse through a registry, identifying values with large data -- a registry malware hunter☆45Updated 8 years ago
- a collection of public yara rules☆26Updated 5 years ago
- Volatility Plugins☆21Updated 10 years ago
- a collection of yara rules for binary analysis☆24Updated 7 years ago
- A short and small memory forensics helper.☆52Updated 7 years ago
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆48Updated 8 years ago
- BSidesLV 2015 Exploit Kit Analysis Workshop Files☆27Updated 9 years ago
- Automated memory forensics analysis☆33Updated 5 years ago
- Collection of my Python Scripts☆41Updated 4 years ago
- Static and automated/dynamic malware analysis☆47Updated 9 years ago
- Server for receiving autorun data from the clients☆13Updated 7 years ago
- Event Log Analysis Tools☆29Updated 8 years ago
- ☆19Updated 6 years ago
- Volatility Plugin to scan for shimmed processes in Windows☆10Updated 9 years ago
- Quick & dirty script to get info on a file from online resources (VirusTotal, Team Cymru, Shadow Server etc.)☆30Updated 11 years ago
- Tool to help guess a files 256 byte XOR key by using frequency analysis☆88Updated 7 years ago
- Command-line Interface for Binar.ly☆38Updated 8 years ago
- Recover event log entries from an image by heurisitically looking for record structures.☆27Updated 9 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 5 years ago
- A Rekall interactive document for a Memory Analysis workshop/course.☆43Updated 8 years ago
- ☆43Updated 5 years ago
- Script to parse first load time for Shell Extensions loaded by user. Also enumerates all loaded Shell Extensions that are only installed …☆21Updated 10 years ago
- Pure Python parser for classic Windows Event Log files (.evt)☆50Updated 2 years ago
- ☆68Updated 8 years ago
- Just a collection of scripts☆40Updated 5 years ago
- Force-Directed Graph Generator for Volatility Ouputs☆26Updated 6 years ago