elceef / bitlocker
Volatility Framework plugin for extracting BitLocker FVEK (Full Volume Encryption Key)
☆221Updated 8 years ago
Related projects ⓘ
Alternatives and complementary repositories for bitlocker
- Comae Hibernation File Decompressor☆141Updated last year
- Autoruns plugin for the Volatility framework☆118Updated 5 years ago
- Web App for Volatility framework☆380Updated 2 months ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆189Updated 4 years ago
- Volatility plugins developed and maintained by the community☆342Updated 3 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆263Updated 3 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆115Updated 5 months ago
- Differential Analysis of Malware in Memory☆209Updated 7 years ago
- Volatility plugin to extract BitLocker Full Volume Encryption Keys (FVEK)☆62Updated 3 years ago
- A modern Python-3-based alternative to RegRipper☆187Updated this week
- VolDiff: Malware Memory Footprint Analysis based on Volatility☆192Updated 7 years ago
- ☆273Updated last year
- An AFF4 C++ implementation.☆188Updated last year
- The kernel patch and userspace tools to enable Linux software write blocking☆134Updated 4 years ago
- ☆416Updated last year
- ☆294Updated 4 years ago
- A python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local hos…☆161Updated 4 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆218Updated 4 years ago
- YARA malware query accelerator (web frontend)☆413Updated this week
- ☆435Updated 5 months ago
- Web interface for the Volatility Memory Forensics Framework☆259Updated 6 years ago
- Python script to decode common encoded PowerShell scripts☆215Updated 6 years ago
- An NTFS/FAT parser for digital forensics & incident response☆191Updated this week
- Collaborative malware analysis framework☆375Updated 5 years ago
- Windows Live Artifacts Acquisition Script☆183Updated 2 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆417Updated 3 years ago
- Script for automating Linux memory capture and analysis☆264Updated 4 years ago
- snake - a malware storage zoo☆217Updated last year
- Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.☆485Updated 5 months ago
- Tool suite for inspecting NTFS artifacts.☆216Updated last year