amir9339 / volatility-docker
A suite of Volatility 3 plugins for memory forensics of Docker containers
☆18Updated last year
Alternatives and similar repositories for volatility-docker:
Users that are interested in volatility-docker are comparing it to the libraries listed below
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆69Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 2 months ago
- Carbon Black Response IR tool☆53Updated 4 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- A home for detection content developed by the delivr.to team☆68Updated 2 months ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 3 years ago
- ReWrite of AChoir in Go for Cross Platform☆41Updated 2 months ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Updated 2 years ago
- ☆41Updated last year
- Small web frontend for using openAI's GPT-3.5 and GPT-4's API☆53Updated 2 weeks ago
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated last week
- ☆42Updated 2 weeks ago
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆106Updated 2 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆65Updated 3 years ago
- Shodan Monitoring integration for TheHive.☆130Updated 4 months ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated 5 months ago
- A set of YARA rules for the AIL framework to detect leak or information disclosure☆38Updated 2 months ago
- Penguin OS Forensic (or Flight) Recorder☆40Updated 4 months ago
- Volatility, on Docker 🐳☆34Updated last week
- Linux Evidence Acquisition Framework☆114Updated 6 months ago
- Tweettioc Splunk App☆20Updated 4 years ago
- Collection of YARA signatures from individual research☆44Updated last year
- yara detection rules for hunting with the threathunting-keywords project☆116Updated last month
- Tools used by CSIRT and especially in the scope of CNW☆16Updated 6 months ago
- ☆38Updated 3 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 4 years ago
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape☆114Updated 3 years ago
- Yara rules☆21Updated 2 years ago
- Lazarus analysis tools and research report☆56Updated last year