lclevy / exfatDump
an experimental tool for forensic analysis of ExFAT filesystem
☆15 Updated 8 years ago
Related projects:
- Recover event log entries from an image by heuristically looking for record structures. ☆25 Updated 8 years ago
- Carves EXEs from given data files, using intelligent carving based upon PE headers ☆36 Updated 7 years ago
- A Volatility plugin for finding sqlite database rows ☆22 Updated 5 years ago
- Parse Manifest.mbdb files from iTunes backup directories ☆19 Updated 7 years ago
- See here: ☆41 Updated 11 years ago
- vstruct based dissectors for various file/protocol formats ☆15 Updated 7 years ago
- Basic file metadata gathering script ☆21 Updated 2 years ago
- An NTFS journal parser ☆82 Updated 8 years ago
- a collection of yara rules for binary analysis ☆23 Updated 7 years ago
- Volatility plugin to extract FileVault 2 VMK's ☆49 Updated 3 years ago
- A Rekall interactive document for a Memory Analysis workshop/course. ☆43 Updated 7 years ago
- Digital Forensics Windows Registry (dfWinReg) ☆49 Updated 4 months ago
- A tool to generate yara signatures from function blocks ☆19 Updated 9 years ago
- Automatically exported from code.google.com/p/malware-lu ☆55 Updated 5 years ago
- Server for receiving autorun data from the clients ☆13 Updated 6 years ago
- RegRipper wrapper for simplified bulk parsing or registry hives ☆10 Updated 6 years ago
- Yara syntax highlighting ☆24 Updated 3 years ago
- Resources for HFS+ Forensics ☆35 Updated 8 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images. ☆21 Updated 5 years ago
- Various Malware-Related Utilities ☆10 Updated 8 years ago
- Discover potential timestamps within the Windows Registry ☆18 Updated 10 years ago
- Automated memory forensics analysis ☆32 Updated 5 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a… ☆36 Updated 6 years ago
- A USB armory based USB sandbox ☆20 Updated 7 years ago
- r2yara - Module for Yara using radare2 information ☆33 Updated 11 months ago