gtworek / VolatileDataCollector
☆201, updated 7 months ago
Alternatives and similar repositories for VolatileDataCollector
Users that are interested in VolatileDataCollector are comparing it to the libraries listed below
- Collect-MemoryDump - Automated creation of Windows memory snapshots for DFIR (☆240, updated 2 months ago)
- (no description) (☆247, updated last year)
- A Python script developed to process Windows memory images based on triage type (☆262, updated last year)
- (no description) (☆223, updated 4 months ago)
- A Process Monitor visualization application written in Rust (☆180, updated last year)
- Active C&C Detector (☆154, updated last year)
- A C#-based tool for analysing malicious OneNote documents (☆113, updated 2 years ago)
- The GitHub project for The Defender's Guide by Luke Paine and Jonathan Johnson (☆154, updated last year)
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior (☆166, updated 2 months ago)
- (no description) (☆160, updated last year)
- A Jupyter notebook to assist with the analysis of the output generated by the Volatility memory extraction framework (☆95, updated 2 years ago)
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C… (☆251, updated last year)
- Repository of attack and defensive information for Business Email Compromise investigations (☆252, updated 3 weeks ago)
- A repository to share publicly available Velociraptor detection content (☆170, updated this week)
- A collection of tools, scripts and personal research (☆128, updated last month)
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a… (☆199, updated this week)
- Memory Baseliner is a script that can compare two Windows memory images or perform frequency of occurrence / data stacking analysis on mu… (☆53, updated last year)
- An easy-to-use PowerShell script to collect memory and disk forensics for DFIR investigations (☆313, updated 3 weeks ago)
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM (☆180, updated last week)
- PowerShell script helping incident responders discover potential adversary persistence mechanisms (☆316, updated last month)
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub (☆75, updated last year)
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with an improved scoring algorithm (☆202, updated 2 years ago)
- PowerShell module for VMware vSphere forensics (☆152, updated 6 months ago)
- Full of public notes and utilities (☆113, updated 3 months ago)
- The Windows Malware Analysis Reversing Core Tools (☆95, updated 4 years ago)
- MITRE ATT&CK mapped queries for SentinelOne Deep Visibility (☆90, updated 4 years ago)
- Initial triage of Windows Event logs (☆99, updated 11 months ago)
- Jupyter Notebooks for the Blue Team (☆144, updated 2 months ago)
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare … (☆163, updated 6 months ago)
- MDE relies on some of the Audit settings being enabled (☆98, updated 2 years ago)