elceef / bitlocker
Volatility Framework plugin for extracting BitLocker FVEK (Full Volume Encryption Key)
☆228Updated 8 years ago
Alternatives and similar repositories for bitlocker:
Users that are interested in bitlocker are comparing it to the libraries listed below
- Comae Hibernation File Decompressor☆146Updated last year
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆264Updated 3 years ago
- Volatility plugin to extract BitLocker Full Volume Encryption Keys (FVEK)☆65Updated 3 years ago
- Web App for Volatility framework☆378Updated 4 months ago
- Autoruns plugin for the Volatility framework☆121Updated 5 years ago
- Automatically exported from code.google.com/p/creddump☆249Updated 5 years ago
- Web interface for the Volatility Memory Forensics Framework☆260Updated 7 years ago
- An NTFS/FAT parser for digital forensics & incident response☆200Updated 4 months ago
- Volatility plugins developed and maintained by the community☆358Updated 3 years ago
- Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain na…☆135Updated 5 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆115Updated 10 months ago
- A modern Python-3-based alternative to RegRipper☆193Updated 4 months ago
- Differential Analysis of Malware in Memory☆211Updated 7 years ago
- An AFF4 C++ implementation.☆198Updated 2 years ago
- Python script to decode common encoded PowerShell scripts☆216Updated 6 years ago
- VolDiff: Malware Memory Footprint Analysis based on Volatility☆194Updated 7 years ago
- Mac OS X Memory Analysis Toolkit☆168Updated 8 years ago
- Library and tools to access the BitLocker Drive Encryption (BDE) encrypted volumes☆230Updated 9 months ago
- Allows you to quickly query a Windows machine for RAM artifacts☆220Updated 4 years ago
- Windows Live Artifacts Acquisition Script☆186Updated 2 years ago
- Various snippets created during malware analysis☆458Updated 2 years ago
- Process Spawn Control is a Powershell tool which aims to help in the behavioral (process) analysis of malware. PsC suspends newly launche…☆260Updated 3 years ago
- Replay RDP traffic from PCAP☆191Updated 5 years ago
- The kernel patch and userspace tools to enable Linux software write blocking☆139Updated 4 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆192Updated 2 weeks ago
- inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extr…☆283Updated last year
- Page File analysis tools.☆126Updated 9 years ago
- Tool suite for inspecting NTFS artifacts.☆219Updated last year
- Volatility profiles for Linux and Mac OS X☆323Updated 2 years ago
- ☆302Updated 4 years ago