Velocidex / LinpmemLinks
Linpmem is a linux memory acquisition tool
☆84Updated last year
Alternatives and similar repositories for Linpmem
Users that are interested in Linpmem are comparing it to the libraries listed below
Sorting:
- Volatility Symbol Generator for Linux Kernels☆35Updated last year
- Use YARA rules on Time Travel Debugging traces☆90Updated last year
- ☆55Updated 7 months ago
- Volatility, on Docker 🐳☆34Updated last month
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated last year
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆62Updated last month
- Cheat sheet to detect and remove linux kernel rootkit☆60Updated 5 months ago
- Generate Volatility3 profiles from BTF.☆22Updated 5 months ago
- Windows symbol tables for Volatility 3☆86Updated 10 months ago
- Powershell Linter☆53Updated last month
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆210Updated 2 years ago
- Volatility3 plugins developed and maintained by the community☆56Updated 2 years ago
- A ProcessMonitor visualization application written in rust.☆180Updated last year
- A collection of tools and detections for the Sliver C2 Frameworj☆126Updated 2 years ago
- ☆20Updated last year
- Python tool to check rootkits in Windows kernel☆196Updated 3 months ago
- ☆114Updated 3 weeks ago
- Rust Linux Kernel Module designed for LKM rootkit detection☆45Updated 2 months ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆114Updated 2 years ago
- Finding secrets in kernel and user memory☆116Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆115Updated 10 months ago
- Userland exec PoC to be used as attack vector technique☆85Updated 4 months ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆117Updated last month
- Recon 2023 slides and code☆79Updated last year
- ☆67Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆144Updated 10 months ago
- Yara Rules for Modern Malware☆77Updated last year
- Tools for analyzing EDR agents☆228Updated 11 months ago
- Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…☆50Updated 5 years ago
- Malware Analysis tools☆26Updated 8 months ago