Velocidex / LinpmemLinks
Linpmem is a linux memory acquisition tool
☆84Updated last year
Alternatives and similar repositories for Linpmem
Users that are interested in Linpmem are comparing it to the libraries listed below
Sorting:
- A ProcessMonitor visualization application written in rust.☆181Updated last year
- Use YARA rules on Time Travel Debugging traces☆91Updated last year
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆64Updated last month
- ☆114Updated last month
- ☆55Updated 8 months ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆213Updated 2 years ago
- Python tool to check rootkits in Windows kernel☆197Updated 3 months ago
- Volatility Symbol Generator for Linux Kernels☆35Updated last year
- Rust Linux Kernel Module designed for LKM rootkit detection☆48Updated 3 months ago
- Volatility, on Docker 🐳☆34Updated 2 months ago
- Cheat sheet to detect and remove linux kernel rootkit☆67Updated 6 months ago
- Powershell Linter☆61Updated this week
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated last year
- Finding secrets in kernel and user memory☆116Updated last year
- A collection of tools and detections for the Sliver C2 Frameworj☆127Updated 2 years ago
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆115Updated 3 weeks ago
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool☆53Updated 5 months ago
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- Windows symbol tables for Volatility 3☆86Updated 11 months ago
- Generate Volatility3 profiles from BTF.☆24Updated 6 months ago
- Linux #rootkit and #malware revealer☆26Updated 10 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆116Updated 11 months ago
- Userland exec PoC to be used as attack vector technique☆85Updated 4 months ago
- Memory acquisition for Linux that makes sense.☆198Updated last year
- convert ELF/DWARF symbol and type information into vol3's intermediate JSON☆122Updated 8 months ago
- Malware Analysis tools☆26Updated 9 months ago
- Recon 2023 slides and code☆79Updated 2 years ago
- Yara Rules for Modern Malware☆77Updated last year
- Tools for analyzing EDR agents☆230Updated last year
- ☆169Updated last month