Alternatives and similar repositories for VolatileDataCollector

Users that are interested in VolatileDataCollector are comparing it to the libraries listed below

• LETHAL-FORENSICS / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆240Updated 2 months ago
• jsecurity101 / TelemetrySource
  ☆247Updated last year
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆262Updated last year
• jsecurity101 / JonMon
  ☆223Updated 4 months ago
• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆180Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆154Updated last year
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆113Updated 2 years ago
• Defenders-Guide / TheDefendersGuide
  The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson
  ☆154Updated last year
• mttaggart / wtfbins
  WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
  ☆166Updated 2 months ago
• Ahmed-AL-Maghraby / Windows-Registry-Analysis-Cheat-Sheet
  ☆160Updated last year
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆95Updated 2 years ago
• AirbusProtect / AD-Canaries
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆251Updated last year
• randomaccess3 / Awesome-BEC
  Repository of attack and defensive information for Business Email Compromise investigations
  ☆252Updated 3 weeks ago
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆170Updated this week
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆128Updated last month
• Beercow / OneDriveExplorer
  OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…
  ☆199Updated this week
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆53Updated last year
• dwmetz / CyberPipe
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆313Updated 3 weeks ago
• mandiant / VM-Packages
  Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
  ☆180Updated last week
• joeavanzato / Trawler
  PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
  ☆316Updated last month
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆75Updated last year
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆202Updated 2 years ago
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆152Updated 6 months ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆113Updated 3 months ago
• SentineLabs / SentinelLabs_RevCore_Tools
  The Windows Malware Analysis Reversing Core Tools
  ☆95Updated 4 years ago
• keyboardcrunch / SentinelOne-ATTACK-Queries
  MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity
  ☆90Updated 4 years ago
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆99Updated 11 months ago
• mttaggart / blue-jupyter
  Jupyter Notebooks for the Blue Team
  ☆144Updated 2 months ago
• AndrewRathbun / VanillaWindowsReference
  A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …
  ☆163Updated 6 months ago
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆98Updated 2 years ago