Velocidex / Linpmem
Linpmem is a linux memory acquisition tool
☆77Updated 10 months ago
Alternatives and similar repositories for Linpmem:
Users that are interested in Linpmem are comparing it to the libraries listed below
- Cheat sheet to detect and remove linux kernel rootkit☆51Updated 2 months ago
- Powershell Linter☆50Updated last month
- Use YARA rules on Time Travel Debugging traces☆89Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated last year
- Linux #rootkit and #malware revealer☆24Updated 7 months ago
- Windows symbol tables for Volatility 3☆81Updated 8 months ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆138Updated 7 months ago
- Volatility Symbol Generator for Linux Kernels☆33Updated last year
- Userland exec PoC to be used as attack vector technique☆68Updated last month
- JA4TScan is an active TCP server fingerprinting tool.☆71Updated 6 months ago
- ☆111Updated 3 weeks ago
- ☆55Updated 5 months ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆206Updated last year
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool☆52Updated 2 months ago
- Malware Analysis tools☆25Updated 5 months ago
- Yara Rules for Modern Malware☆73Updated last year
- Elastic Security Labs releases☆58Updated 4 months ago
- ☆39Updated last year
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…☆51Updated last year
- A ProcessMonitor visualization application written in rust.☆179Updated last year
- Volatility, on Docker 🐳☆33Updated 8 months ago
- Repository of Yara Rules☆103Updated 3 weeks ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆115Updated this week
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆42Updated 9 months ago
- Finding secrets in kernel and user memory☆115Updated last year
- ☆155Updated 9 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆114Updated 8 months ago
- Python tool to check rootkits in Windows kernel☆193Updated last week
- Various code samples and useful tips and tricks from reverse engineering and malware analysis fields.☆101Updated 2 years ago
- ☆66Updated 2 years ago