Rekall Memory Forensic Framework
☆1,999Oct 18, 2020Updated 5 years ago
Alternatives and similar repositories for rekall
Users that are interested in rekall are comparing it to the libraries listed below
Sorting:
- GRR Rapid Response: remote live forensics for incident response☆5,046Feb 16, 2026Updated last month
- An advanced memory forensics framework☆7,982May 16, 2025Updated 10 months ago
- Super timeline all the things☆2,034Feb 10, 2026Updated last month
- Public Profile Repository for Rekall Memory Forensic.☆101Oct 20, 2020Updated 5 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices…☆1,954Updated this week
- Collaborative forensic timeline analysis☆3,290Updated this week
- A Powershell incident response framework☆1,640Nov 22, 2022Updated 3 years ago
- Digital Forensics artifact repository☆1,213Feb 11, 2026Updated last month
- ☆519Jan 26, 2021Updated 5 years ago
- An AFF4 C++ implementation.☆214Mar 24, 2023Updated 2 years ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,923Updated this week
- Web App for Volatility framework☆390Jan 13, 2026Updated 2 months ago
- Web interface for the Volatility Memory Forensics Framework☆259Nov 21, 2017Updated 8 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆5,925May 3, 2022Updated 3 years ago
- Binary analysis and management framework☆1,556Jun 7, 2023Updated 2 years ago
- VolDiff: Malware Memory Footprint Analysis based on Volatility☆197Sep 12, 2017Updated 8 years ago
- Incident Response Forensic Framework☆612Nov 20, 2019Updated 6 years ago
- Repository of yara rules☆4,730Apr 17, 2024Updated last year
- rVMI - A New Paradigm For Full System Analysis☆359Oct 4, 2017Updated 8 years ago
- Empire is a PowerShell and Python post-exploitation agent.☆7,824Jan 19, 2020Updated 6 years ago
- Loki - Simple IOC and YARA Scanner☆3,733Jan 12, 2026Updated 2 months ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,239Aug 7, 2025Updated 7 months ago
- A forensic evidence collection & analysis toolkit for OS X☆1,892Jun 19, 2019Updated 6 years ago
- The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file s…☆3,023Mar 13, 2026Updated last week
- CRITs - Collaborative Research Into Threats☆911Jul 29, 2019Updated 6 years ago
- The pattern matching swiss knife☆9,490Feb 10, 2026Updated last month
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU☆1,682Feb 14, 2024Updated 2 years ago
- ☆280Apr 6, 2023Updated 2 years ago
- DRAKVUF Black-box Binary Analysis☆1,211Mar 5, 2026Updated 2 weeks ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…☆657Aug 19, 2019Updated 6 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,501Jan 12, 2026Updated 2 months ago
- Automation and Scaling of Digital Forensics Tools☆787Updated this week
- inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extr…☆295Sep 30, 2023Updated 2 years ago
- A curated list of tools for incident response☆8,879Jul 18, 2024Updated last year
- Differential Analysis of Malware in Memory☆216Apr 16, 2017Updated 8 years ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆526Aug 13, 2025Updated 7 months ago
- The official home of the LibVMI project is at https://github.com/libvmi/libvmi.☆738Jan 4, 2026Updated 2 months ago
- Malicious HTTP traffic explorer☆723Mar 16, 2023Updated 3 years ago