VMDK Forensic Artifact Extractor (VFAE) is windows based tool written in C++ that extracts files with a known location from VMDK images running the Windows operating system. The tool utilizes the VDDK (Virtual Disk Development Kit) API for the heavy lifting such as mounting, opening, and reading the VMDK selected. When vfae.exe is executed, i…
☆17Aug 7, 2015Updated 10 years ago
Alternatives and similar repositories for VFAE
Users that are interested in VFAE are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆42Apr 23, 2020Updated 5 years ago
- Hunt for SQLite files used by various applications☆30Mar 1, 2026Updated 3 weeks ago
- C library of device-side LongFi Protocol☆14Jan 13, 2020Updated 6 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Feb 11, 2026Updated last month
- ☆26Mar 10, 2022Updated 4 years ago
- A command line utility to aid in using autofocus for IR and research☆27Oct 22, 2019Updated 6 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface☆17Jan 10, 2020Updated 6 years ago
- Assorted Cereals☆10Nov 13, 2021Updated 4 years ago
- Multi-agent AI system using GPT-4o, DeepSeek v3, and Llama 3.3 to detect if CVE vulnerabilities were exploited as zero-days. Analyzes…☆20Feb 13, 2026Updated last month
- Defence Against the Dark Arts☆34Sep 15, 2019Updated 6 years ago
- Pulse Secure SSL VPN pre-auth file reading☆50Aug 26, 2019Updated 6 years ago
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.☆13Sep 9, 2020Updated 5 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 9 months ago
- Linux BPF plugins for Volatility3☆23Jan 19, 2024Updated 2 years ago
- DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more)☆15Aug 8, 2025Updated 7 months ago
- WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit…☆18Jul 2, 2022Updated 3 years ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough☆11Feb 3, 2022Updated 4 years ago
- Matt's DFIR blog☆14Jul 28, 2025Updated 7 months ago
- Jupyter Notebooks for Digital Forensics & Incident Response☆10Nov 23, 2021Updated 4 years ago
- trace system internal activities by high perfermonce aio(include multiple implementations windows support, aio,completion port, wmi etc)…☆18Feb 16, 2024Updated 2 years ago
- Capstone Engine bindings on PHP 7.0+☆12Sep 22, 2022Updated 3 years ago
- Documentation for DFIR ORC, artefact collection tool dedicated to Microsoft Windows☆12May 23, 2025Updated 10 months ago
- Various tools and scripts☆43Nov 30, 2022Updated 3 years ago
- Library of threat hunts to get any user started!☆50Sep 4, 2020Updated 5 years ago
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 3 months ago
- Demonstrate the behavior of the tunnel cache on Windows☆11Aug 13, 2019Updated 6 years ago
- RNNs for sql-injection detection 🔍. built in python with tensorflow and keras☆12Sep 14, 2024Updated last year
- Dynamically parse and fill different formats of wav headers.☆11Jan 11, 2024Updated 2 years ago
- CyberSecurity Resources (Threat Intelligence, Malware Analysis, Pentesting, DFIR, etc)☆11Nov 30, 2023Updated 2 years ago
- python3 version of cloacked-pixel.☆11Oct 8, 2022Updated 3 years ago
- This repository provides a comprehensive Digital Footprint Checklist to help individuals manage their online presence and enhance privacy…☆17Dec 25, 2024Updated last year
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- 基于Qt的一款截图工具☆11Nov 8, 2016Updated 9 years ago
- A Binary Ninja plugin providing a set of BinaryViews for loading Motorola SREC, Intel HEX, and TI-TXT "hex" files☆10Sep 5, 2024Updated last year
- Tool for analysts to perform simultaneous lookups (IP, Domain, URL, MD5) against multiple data sources☆28Jan 27, 2017Updated 9 years ago
- ☆10May 24, 2019Updated 6 years ago