lclevy / exfatDump
an experimental tool for forensic analysis of ExFAT filesystem
☆15Updated 9 years ago
Alternatives and similar repositories for exfatDump:
Users that are interested in exfatDump are comparing it to the libraries listed below
- Recover event log entries from an image by heurisitically looking for record structures.☆27Updated 9 years ago
- Carves EXEs from given data files, using intelligent carving based upon PE headers☆37Updated 7 years ago
- A tool to generate yara signatures from function blocks☆19Updated 10 years ago
- Forensic Analysis Tool for Btrfs File System.☆20Updated 6 years ago
- ☆32Updated 7 months ago
- Discover potential timestamps within the Windows Registry☆18Updated 10 years ago
- Firmware analysis gone wild.☆42Updated 10 years ago
- Convert Windows Netmon Monitor Mode Wireless Packet Captures to Libpcap Format☆15Updated 5 years ago
- A Volatility plugin for finding sqlite database rows☆22Updated 5 years ago
- a collection of yara rules for binary analysis☆24Updated 7 years ago
- An NTFS journal parser☆82Updated 8 years ago
- This is a copy of the Registry Decoder Live repository from Google Code☆9Updated 9 years ago
- radare2 script to help on COM objects reverse engineering☆11Updated 7 years ago
- Resources for HFS+ Forensics☆35Updated 9 years ago
- Parse IE, FireFox, Chrome and Safari Cookies for Google Analytic values☆23Updated 8 years ago
- A sort of a toolkit to decrypt Dropbox Windows DBX files☆30Updated 7 years ago
- See here:☆42Updated 12 years ago
- Volatility Plugin to scan for shimmed processes in Windows☆10Updated 9 years ago
- Library and tools to access the Windows Hibernation File (hiberfil.sys) format☆13Updated 6 months ago
- "Fuzzy matching" for SQLite databases☆29Updated 4 years ago
- IDA Pomidor is a plugin for Hex-Ray's IDA Pro disassembler that will help you retain concentration and productivity during long reversing…☆35Updated 10 years ago
- tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net☆33Updated 10 months ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Updated 6 years ago
- Digital Forensics Windows Registry (dfWinReg)☆49Updated last month
- Server for receiving autorun data from the clients☆13Updated 7 years ago
- r2yara - Module for Yara using radare2 information☆34Updated last year
- Carve Windows Prefetch files from arbitrary binary data☆14Updated 7 years ago
- iOS forensics utility☆12Updated 6 years ago
- Finds dynamic DNS (like no-ip.org) domains from a given list of domains☆14Updated 9 years ago
- An example malicious payload controller and obfuscator assisted by TPM-protected keys☆39Updated 10 years ago