breppo / Volatility-BitLockerLinks
Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the volume.
☆51Updated 5 years ago
Alternatives and similar repositories for Volatility-BitLocker
Users that are interested in Volatility-BitLocker are comparing it to the libraries listed below
Sorting:
- Windows symbol tables for Volatility 3☆88Updated last year
- Linpmem is a linux memory acquisition tool☆87Updated last month
- Volatility3 plugins developed and maintained by the community☆58Updated 2 years ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆214Updated 2 years ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆198Updated last year
- ☆75Updated 3 years ago
- A collection of tools and detections for the Sliver C2 Frameworj☆128Updated 2 years ago
- Volatility, on Docker 🐳☆34Updated 3 months ago
- Collection of Volatility2 profiles, generated against Linux kernels.☆47Updated last month
- Powershell Linter☆79Updated last week
- Volatility Symbol Generator for Linux Kernels☆35Updated last year
- A ProcessMonitor visualization application written in rust.☆181Updated 2 years ago
- RegRipper4.0☆58Updated 3 months ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Updated last year
- volatility explorer☆91Updated 4 years ago
- bitpixie Proof of Concept - Bitlocker Decryptor☆81Updated last week
- A small util to brute-force prefetch hashes☆78Updated 3 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆173Updated last month
- Dump quarantined files from Windows Defender☆64Updated 3 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆245Updated 4 months ago
- ☆57Updated 9 months ago
- Memory mapping profiles for forensic analysis using volatility 3☆27Updated 3 years ago
- ☆19Updated 3 years ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.☆136Updated last week
- Retrieve inner payloads from Donut samples☆105Updated last year
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆283Updated last year
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆66Updated 3 months ago
- ☆67Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆156Updated last year
- A collection of tools to interact with Microsoft Security Response Center API☆99Updated last year