breppo / Volatility-BitLockerLinks
Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the volume.
☆50Updated 5 years ago
Alternatives and similar repositories for Volatility-BitLocker
Users that are interested in Volatility-BitLocker are comparing it to the libraries listed below
Sorting:
- Windows symbol tables for Volatility 3☆87Updated 11 months ago
- Volatility3 plugins developed and maintained by the community☆59Updated 2 years ago
- Collection of Volatility2 profiles, generated against Linux kernels.☆43Updated this week
- A collection of tools and detections for the Sliver C2 Frameworj☆127Updated 2 years ago
- volatility explorer☆91Updated 4 years ago
- Memory mapping profiles for forensic analysis using volatility 3☆27Updated 3 years ago
- Volatility Symbol Generator for Linux Kernels☆35Updated last year
- Volatility, on Docker 🐳☆34Updated 2 months ago
- RegRipper4.0☆52Updated last month
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆240Updated 2 months ago
- A small util to brute-force prefetch hashes☆77Updated 3 years ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆213Updated 2 years ago
- Linpmem is a linux memory acquisition tool☆84Updated last year
- Retrieve inner payloads from Donut samples☆99Updated last year
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆264Updated last year
- DPAPILAB Next Gen, script collection☆84Updated 2 years ago
- ☆144Updated this week
- Powershell Linter☆61Updated last week
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍☆145Updated this week
- Bitpixie exploitation PoC☆43Updated 3 weeks ago
- A ProcessMonitor visualization application written in rust.☆181Updated last year
- ☆19Updated 2 years ago
- Volatility Explorer Suit☆65Updated 2 years ago
- ☆73Updated 3 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆167Updated this week
- Volatility3 Linux profiles☆48Updated 3 weeks ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆193Updated last year
- Dump quarantined files from Windows Defender☆64Updated 3 years ago
- ☆300Updated 7 months ago
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago