Volatility Framework plugin for extracting BitLocker FVEK (Full Volume Encryption Key)
☆243 · May 16, 2016 · Updated 9 years ago
Alternatives and similar repositories for bitlocker
Users that are interested in bitlocker are comparing it to the libraries listed below
- Volatility plugin to extract BitLocker Full Volume Encryption Keys (FVEK) ☆70 · Sep 20, 2021 · Updated 4 years ago
- A Volatility plugin to extract credentials from the memory of an OpenVPN client. ☆30 · Sep 26, 2014 · Updated 11 years ago
- Volatility plugin to extract FileVault 2 VMKs ☆51 · Sep 20, 2021 · Updated 4 years ago
- Malware Fragmentation Tool is a tool that simply fragments the PE file and can disassemble the PE file, etc. This tool is very useful for… ☆37 · Nov 22, 2015 · Updated 10 years ago
- Library and tools to access the BitLocker Drive Encryption (BDE) encrypted volumes ☆244 · Dec 19, 2025 · Updated 3 months ago
- Plugins for the Volatility framework ☆18 · Oct 30, 2015 · Updated 10 years ago
- DiskCryptor - it's a free solution that allows you to encrypt disk partitions, including the system partition. ☆17 · Dec 7, 2011 · Updated 14 years ago
- Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the… ☆57 · Jan 27, 2020 · Updated 6 years ago
- wow64 syscall filter ☆13 · Nov 12, 2014 · Updated 11 years ago
- Some IR notes ☆73 · Jul 23, 2016 · Updated 9 years ago
- Recurse through a registry, identifying values with large data -- a registry malware hunter ☆45 · Sep 12, 2016 · Updated 9 years ago
- BitCracker is the first open source password cracking tool for memory units encrypted with BitLocker ☆943 · May 31, 2024 · Updated last year
- Black Hat Asia 2017 slides ☆22 · Mar 30, 2017 · Updated 8 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps ☆269 · Jun 15, 2021 · Updated 4 years ago
- VolDiff: Malware Memory Footprint Analysis based on Volatility ☆197 · Sep 12, 2017 · Updated 8 years ago
- An NTFS journal parser ☆80 · Mar 3, 2016 · Updated 10 years ago
- Bit9 + Carbon Black Threat Intelligence ☆81 · Mar 9, 2016 · Updated 10 years ago
- inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extr… ☆295 · Sep 30, 2023 · Updated 2 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015 ☆36 · May 4, 2016 · Updated 9 years ago
- Supporting Files on my analysis of the malware designated hdroot. ☆59 · Feb 23, 2017 · Updated 9 years ago
- List of PowerShell scripts conjured up for my consumption (you are welcome to use) ☆36 · Oct 17, 2013 · Updated 12 years ago
- EditBox is a plugin for the Volatility Framework. It extracts the text from Windows Edit controls, that is, textboxes as generated by Win… ☆24 · Jun 4, 2017 · Updated 8 years ago
- Automatically exported from code.google.com/p/pac4mac ☆40 · Mar 4, 2019 · Updated 7 years ago
- Exploit kit analyzer ☆22 · Mar 3, 2015 · Updated 11 years ago
- Patching ROP-encoded shellcodes into PEs ☆189 · Nov 22, 2017 · Updated 8 years ago
- POC for IAT Parsing Payloads ☆48 · Jan 1, 2017 · Updated 9 years ago
- Scripts for dealing with various EKs ☆69 · Feb 2, 2017 · Updated 9 years ago
- IDAtropy is a plugin for Hex-Rays' IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplot… ☆142 · Apr 16, 2021 · Updated 4 years ago
- A sample vulnerable driver that emulates kernel mode vulnerabilities. ☆20 · Jan 30, 2016 · Updated 10 years ago
- Small tool for disassembling shellcode (using objdump) ☆149 · Jun 19, 2022 · Updated 3 years ago
- Volatility plugins developed and maintained by the community ☆375 · Apr 5, 2021 · Updated 4 years ago
- FUSE driver to read/write Windows' BitLocker-ed volumes under Linux / Mac OSX ☆1,879 · Jan 8, 2026 · Updated 2 months ago
- Exploit the credentials present in files and memory ☆843 · May 25, 2023 · Updated 2 years ago
- Win32k Elevation of Privilege PoC ☆24 · May 17, 2019 · Updated 6 years ago
- Reconstruct process trees from event logs ☆147 · Aug 12, 2020 · Updated 5 years ago