leludo84 / vol3-linux-profiles
Volatility3 Linux profiles
☆15Updated last week
Related projects: ⓘ
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆29Updated 2 years ago
- Collection of Volatility2 profiles, generated against Linux kernels.☆25Updated last week
- Collection of Volatility3 symbols, generated against Linux and macOS kernels.☆53Updated this week
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆94Updated last year
- A C# based tool for analysing malicious OneNote documents☆108Updated last year
- A collection of tools and detections for the Sliver C2 Frameworj☆104Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆216Updated 6 months ago
- Volatility Symbol Generator for Linux Kernels☆28Updated 10 months ago
- A ProcessMonitor visualization application written in rust.☆175Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆138Updated this week
- The Windows Malware Analysis Reversing Core Tools☆88Updated 3 years ago
- Windows symbol tables for Volatility 3☆72Updated 2 months ago
- ☆168Updated 8 months ago
- Active C&C Detector☆148Updated 11 months ago
- RegRipper4.0☆33Updated last year
- Powershell Linter☆46Updated 2 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆67Updated last year
- Cobalt Strike Beacon configuration extractor and parser.☆142Updated 3 years ago
- Yara Rules for Modern Malware☆68Updated 6 months ago
- This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.☆121Updated last year
- JPCERT/CC public YARA rules repository☆98Updated 3 months ago
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆92Updated 10 months ago
- A small util to brute-force prefetch hashes☆73Updated 2 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆162Updated last year
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆144Updated last year
- Elastic Security Labs releases☆46Updated 3 weeks ago
- ☆46Updated 2 weeks ago
- IOC Collection 2022☆55Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆80Updated last year
- Linux Evidence Acquisition Framework☆114Updated 2 years ago