Volatility Plugins
☆64Jul 22, 2023Updated 2 years ago
Alternatives and similar repositories for volatility_plugins
Users that are interested in volatility_plugins are comparing it to the libraries listed below
Sorting:
- ☆25Jul 23, 2024Updated last year
- /ˈhäjˌpäj/ "a confused mixture."☆13Updated this week
- Plugins I've written for Volatility☆216Dec 1, 2023Updated 2 years ago
- Scripts targeting specific families☆13Jul 3, 2017Updated 8 years ago
- Forensics triage tool relying on Volatility and Foremost☆25Dec 3, 2023Updated 2 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆270Jun 15, 2021Updated 4 years ago
- Windows symbol tables for Volatility 3☆93Jul 11, 2024Updated last year
- Collection of my volatility3 plugins☆18Sep 6, 2024Updated last year
- Volatility Explorer Suit☆66Jan 3, 2023Updated 3 years ago
- Autoruns plugin for the Volatility framework☆122Jul 18, 2019Updated 6 years ago
- Attempts to reverse a given partial hash to a phone number (or email) given the area code. Written for python3.☆20Oct 25, 2022Updated 3 years ago
- volatility explorer☆92Nov 16, 2020Updated 5 years ago
- Learning volatility plugins.☆19Feb 16, 2021Updated 5 years ago
- USN Journal full path builder☆65Sep 16, 2024Updated last year
- Quick ESXi Log Parser☆29Oct 20, 2025Updated 4 months ago
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆130Jan 31, 2022Updated 4 years ago
- TG 2016 hacking compo repo☆10Mar 31, 2016Updated 9 years ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆310Sep 3, 2023Updated 2 years ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆32Nov 16, 2023Updated 2 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- st2-046-poc CVE-2017-5638☆21Aug 17, 2018Updated 7 years ago
- Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.☆29Feb 15, 2022Updated 4 years ago
- Extract data of TTD trace file to a minidump☆31Jul 31, 2023Updated 2 years ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- Anteater is Reconnaissance tool for discovering interesting files and folders in a web application that most likely has been misconfigure…☆13Jun 12, 2024Updated last year
- ☆10Apr 8, 2018Updated 7 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…☆11Jun 19, 2025Updated 8 months ago
- Function ID for Malware Analysis☆13Jul 6, 2020Updated 5 years ago
- ☆10Dec 24, 2022Updated 3 years ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆19May 9, 2025Updated 9 months ago
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV…☆10Jul 15, 2023Updated 2 years ago
- Library and tools to access the Windows Hibernation File (hiberfil.sys) format☆13Dec 20, 2025Updated 2 months ago
- ☆12Jun 29, 2021Updated 4 years ago
- A collection of cyberchef recipes for use in osint investigations☆14Jul 2, 2022Updated 3 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- Utilities for the memory forensics framework☆22Jul 31, 2018Updated 7 years ago
- emotet configs pulled from https://cape.contextis.com/☆14Apr 27, 2022Updated 3 years ago