A suite of Volatility 3 plugins for memory forensics of Docker containers
☆18Jan 10, 2024Updated 2 years ago
Alternatives and similar repositories for volatility-docker
Users that are interested in volatility-docker are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- A small tool to easily mount APFS image on macOS for forensics.☆16Jul 30, 2020Updated 5 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆36Feb 2, 2022Updated 4 years ago
- Volatility 3 Plugins☆21Oct 3, 2022Updated 3 years ago
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework☆22Jan 22, 2021Updated 5 years ago
- ☆24Apr 22, 2025Updated 11 months ago
- Sigma rules converted for direct use with Zircolite☆14Mar 16, 2026Updated last week
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- Windows Thingies... but in Rust☆23Nov 12, 2022Updated 3 years ago
- DFIR notebooks GCIH Gold project, paper☆12Apr 30, 2015Updated 10 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆10Feb 17, 2025Updated last year
- Modular command-line threat hunting tool & framework.☆17Jul 20, 2020Updated 5 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- Hodor for node.js☆15Jun 18, 2023Updated 2 years ago
- Javascript deobfuscation tool☆17Apr 6, 2018Updated 7 years ago
- Volatility3 plugins developed and maintained by the community☆63Mar 19, 2023Updated 3 years ago
- Harvest Linux forensic data for operational triage of an event.☆51Nov 30, 2025Updated 3 months ago
- Plug-ins for AlienVault of course.☆16Jul 5, 2017Updated 8 years ago
- CamBurglar: Detection of Hidden Wi-Fi Cameras☆12Mar 29, 2018Updated 7 years ago
- Disk Image Mounting Script☆11Jan 22, 2026Updated 2 months ago
- Web Application for domain name monitoring / alerting☆65Aug 1, 2024Updated last year
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing☆41Feb 28, 2026Updated 3 weeks ago
- OWASP Foundation Web Respository☆15Oct 9, 2025Updated 5 months ago
- ☆22Aug 29, 2024Updated last year
- ☆33Oct 25, 2021Updated 4 years ago
- Offical ruby client for the XING-API, providing easy access to all API endpoints and simplifies response parsing, error handling and trie…☆20Mar 4, 2017Updated 9 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆41May 3, 2021Updated 4 years ago
- CVE-2025-64155: Fortinet FortiSIEM Argument Injection to Remote Code Execution☆31Jan 13, 2026Updated 2 months ago
- Rekall Memory Forensic Framework☆33Aug 5, 2019Updated 6 years ago
- Read Windows message table entries.☆11Feb 5, 2023Updated 3 years ago
- Tool to decrypt encrypted strings in AgentTesla☆16Jan 24, 2022Updated 4 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 4 months ago
- A commercial grade threat intelligence feed thats validated and updated every half hour.☆19Mar 24, 2023Updated 2 years ago
- Made VRChat Avatar creation and testing easier☆10Dec 28, 2022Updated 3 years ago
- Web based Manager for Yara Rules☆58Mar 9, 2020Updated 6 years ago
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto…☆11Mar 2, 2021Updated 5 years ago
- Set of utilities for getting information about Windows Events☆15Jun 5, 2018Updated 7 years ago
- Threat Hunting at Scale: Auditing Thousands of Clusters With Falco + Fluent☆12Aug 13, 2022Updated 3 years ago
- Parsers for .mdf file of Microsoft SQL Server (MSSQL)☆15Mar 28, 2020Updated 5 years ago