Volatility Plugins
☆64Jul 22, 2023Updated 2 years ago
Alternatives and similar repositories for volatility_plugins
Users that are interested in volatility_plugins are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Plugins I've written for Volatility☆216Dec 1, 2023Updated 2 years ago
- ☆25Jul 23, 2024Updated last year
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- volatility explorer☆92Nov 16, 2020Updated 5 years ago
- Collection of my volatility3 plugins☆18Sep 6, 2024Updated last year
- Anteater is Reconnaissance tool for discovering interesting files and folders in a web application that most likely has been misconfigure…☆13Jun 12, 2024Updated last year
- Volatility Explorer Suit☆67Jan 3, 2023Updated 3 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆269Jun 15, 2021Updated 4 years ago
- Learning volatility plugins.☆19Feb 16, 2021Updated 5 years ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆20May 9, 2025Updated 10 months ago
- Forensics triage tool relying on Volatility and Foremost☆25Dec 3, 2023Updated 2 years ago
- Windows symbol tables for Volatility 3☆93Jul 11, 2024Updated last year
- /ˈhäjˌpäj/ "a confused mixture."☆13Updated this week
- Scripts targeting specific families☆13Jul 3, 2017Updated 8 years ago
- Portable utility to check if a machine has been infected by Shamoon2☆15Jan 13, 2017Updated 9 years ago
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- USN Journal full path builder☆67Sep 16, 2024Updated last year
- Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.☆29Feb 15, 2022Updated 4 years ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆315Sep 3, 2023Updated 2 years ago
- Attempts to reverse a given partial hash to a phone number (or email) given the area code. Written for python3.☆20Oct 25, 2022Updated 3 years ago
- Vault of Windows Registry forensic artifacts☆28Nov 12, 2025Updated 4 months ago
- ☆10Dec 24, 2022Updated 3 years ago
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆129Jan 31, 2022Updated 4 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆44Jul 18, 2022Updated 3 years ago
- Useful books, links, blogs, etc.☆14Jan 29, 2018Updated 8 years ago
- Windows.EDB Browser☆60Mar 6, 2023Updated 3 years ago
- ☆36Jan 11, 2023Updated 3 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…☆11Jun 19, 2025Updated 9 months ago
- Penguin OS Forensic (or Flight) Recorder☆40Mar 13, 2026Updated last week
- Volatility plugins developed and maintained by the community☆375Apr 5, 2021Updated 4 years ago
- intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…☆41Mar 17, 2019Updated 7 years ago
- Autoruns plugin for the Volatility framework☆123Jul 18, 2019Updated 6 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆45May 12, 2021Updated 4 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV…☆10Jul 15, 2023Updated 2 years ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆32Nov 16, 2023Updated 2 years ago