Hunt malware with Volatility
☆47Jul 9, 2025Updated 7 months ago
Alternatives and similar repositories for malhunt
Users that are interested in malhunt are comparing it to the libraries listed below
Sorting:
- Automagically extract forensic timeline from volatile memory dump☆132May 7, 2024Updated last year
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- ☆17Apr 13, 2018Updated 7 years ago
- A python script developed to process Windows memory images based on triage type.☆266Nov 25, 2023Updated 2 years ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- CSIRT Jump Bag☆27Apr 25, 2024Updated last year
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆107Nov 23, 2022Updated 3 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆33May 25, 2024Updated last year
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- Automated forensics written in PowerShell☆34Sep 29, 2019Updated 6 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 6 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 6 years ago
- Recover EXT filesystem info from carved directory blocks☆19Jun 23, 2017Updated 8 years ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆42Apr 23, 2020Updated 5 years ago
- A modern Python-3-based alternative to RegRipper☆205Mar 31, 2025Updated 11 months ago
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆89Aug 29, 2023Updated 2 years ago
- Decode security descriptors in $Secure on NTFS☆22Feb 24, 2022Updated 4 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆341Dec 3, 2025Updated 3 months ago
- An NTFS/FAT parser for digital forensics & incident response☆220Oct 31, 2025Updated 4 months ago
- An advanced parser for INDX records☆29Aug 7, 2019Updated 6 years ago
- Tools and Binaries to use with KAPE☆13Aug 13, 2019Updated 6 years ago
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto…☆10Mar 2, 2021Updated 5 years ago
- AWS Live Response☆11Sep 19, 2017Updated 8 years ago
- GUI for regripper☆11Mar 19, 2019Updated 6 years ago
- Python code injection library☆10Jul 30, 2018Updated 7 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Sep 13, 2023Updated 2 years ago
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- Learn about a network from a pcap file or reading from an interface☆29Apr 6, 2024Updated last year
- Search datasets for Bitlocker recovery files and triage live systems for Bitlocker keys.☆51Jan 26, 2025Updated last year
- Windows Forensics Environment Builder☆179Dec 5, 2025Updated 2 months ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆118Nov 28, 2023Updated 2 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆14Aug 15, 2022Updated 3 years ago
- Scripts developed to help in mobile forensics investigations☆10Jul 4, 2017Updated 8 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- Actual good v3 onion links☆15Jan 19, 2026Updated last month
- Grepify the GUI Regex Text Scanner for Code Reviewers☆23Apr 15, 2013Updated 12 years ago
- This repo contain Android malware samples and analysis☆13Apr 3, 2021Updated 4 years ago