Velocidex / Linpmem
Linpmem is a linux memory acquisition tool
☆78Updated 10 months ago
Alternatives and similar repositories for Linpmem:
Users that are interested in Linpmem are comparing it to the libraries listed below
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated last year
- Powershell Linter☆50Updated this week
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…☆51Updated last year
- Linux #rootkit and #malware revealer☆24Updated 7 months ago
- Use YARA rules on Time Travel Debugging traces☆89Updated last year
- A ProcessMonitor visualization application written in rust.☆178Updated last year
- ☆55Updated 5 months ago
- ☆111Updated last month
- Yara Rules for Modern Malware☆73Updated last year
- Malware Analysis tools☆25Updated 6 months ago
- Windows symbol tables for Volatility 3☆81Updated 8 months ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆44Updated 2 years ago
- Userland exec PoC to be used as attack vector technique☆81Updated last month
- Finding secrets in kernel and user memory☆115Updated last year
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆42Updated 10 months ago
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool☆52Updated 2 months ago
- Cheat sheet to detect and remove linux kernel rootkit☆52Updated 3 months ago
- ☆66Updated 2 years ago
- Volatility, on Docker 🐳☆33Updated 8 months ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆75Updated 7 months ago
- Repository of Yara Rules☆103Updated last month
- Python tool to check rootkits in Windows kernel☆195Updated 3 weeks ago
- ☆39Updated last year
- Lazarus analysis tools and research report☆55Updated last year
- Elastic Security Labs releases☆59Updated 4 months ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆205Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆114Updated 8 months ago
- JA4TScan is an active TCP server fingerprinting tool.☆72Updated 6 months ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆139Updated 8 months ago
- YARI is an interactive debugger for YARA Language.☆87Updated 2 months ago