Alternatives and similar repositories for VolatileDataCollector

Users that are interested in VolatileDataCollector are comparing it to the libraries listed below

• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆154Updated last year
• jonny-jhnson / TelemetrySource
  ☆250Updated last year
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆114Updated 2 years ago
• LETHAL-FORENSICS / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆240Updated 2 months ago
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆95Updated 2 years ago
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆262Updated last year
• MHaggis / notes
  Full of public notes and Utilities
  ☆117Updated 4 months ago
• jonny-jhnson / JonMon
  ☆232Updated 2 weeks ago
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆131Updated 2 months ago
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆54Updated last year
• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆181Updated last year
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆122Updated 4 months ago
• randomaccess3 / Awesome-BEC
  Repository of attack and defensive information for Business Email Compromise investigations
  ☆256Updated last month
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆173Updated this week
• Defenders-Guide / TheDefendersGuide
  The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson
  ☆154Updated 2 years ago
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆102Updated 9 months ago
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆76Updated last year
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆88Updated 4 years ago
• keyboardcrunch / SentinelOne-ATTACK-Queries
  MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity
  ☆89Updated 4 years ago
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆85Updated 4 months ago
• mttaggart / wtfbins
  WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
  ☆166Updated 2 months ago
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆99Updated last year
• AirbusProtect / AD-Canaries
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆252Updated last year
• dwmetz / CyberPipe
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆318Updated last month
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆152Updated 7 months ago
• TH3xACE / EDR-Test
  Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
  ☆153Updated 2 years ago
• IppSec / PowerSiem
  ☆121Updated last year
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆95Updated last year
• LivingInSyn / RMML
  A list of RMMs designed to be used in automation to build alerts
  ☆111Updated 2 months ago
• jklepsercyber / defender-detectionhistory-parser
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆113Updated 3 years ago