amir9339 / volatility-dockerLinks
A suite of Volatility 3 plugins for memory forensics of Docker containers
☆18Updated last year
Alternatives and similar repositories for volatility-docker
Users that are interested in volatility-docker are comparing it to the libraries listed below
Sorting:
- ☆42Updated last year
- Small web frontend for using openAI's GPT-3.5 and GPT-4's API☆55Updated 2 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆66Updated 3 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Updated 2 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆69Updated 3 years ago
- Tools used by CSIRT and especially in the scope of CNW☆16Updated 9 months ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 4 months ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆73Updated 3 years ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- Carbon Black Response IR tool☆53Updated 4 years ago
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆105Updated 3 years ago
- A home for detection content developed by the delivr.to team☆69Updated 3 weeks ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated last month
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆131Updated 3 years ago
- ☆45Updated 2 years ago
- Simple PowerShell script to enable process scanning with Yara.☆94Updated 2 years ago
- Triaging Windows event logs based on SANS Poster