leludo84 / vol3-linux-profiles
Volatility3 Linux profiles
β26Updated this week
Related projects β
Alternatives and complementary repositories for vol3-linux-profiles
- Collection of Volatility2 profiles, generated against Linux kernels.β30Updated this week
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis πβ74Updated this week
- Windows symbol tables for Volatility 3β73Updated 4 months ago
- Memory mapping profiles for forensic analysis using volatility 2β45Updated 2 years ago
- A collection of tools and detections for the Sliver C2 Frameworjβ109Updated last year
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hosβ¦β29Updated 2 years ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performsβ¦β161Updated 6 months ago
- A centralized and enhanced memory analysis platformβ364Updated this week
- Memory mapping profiles for forensic analysis using volatility 3β24Updated 2 years ago
- Volatility Symbol Generator for Linux Kernelsβ31Updated last year
- A ProcessMonitor visualization application written in rust.β176Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. Tβ¦β105Updated last month
- Powershell Linterβ46Updated last month
- Volatility, on Docker π³β29Updated 4 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.β94Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.β146Updated this week
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIRβ220Updated 8 months ago
- A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates.β176Updated 3 months ago
- Use YARA rules on Time Travel Debugging tracesβ86Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extracβ¦β140Updated 2 months ago
- A suite of tools to disrupt campaigns using the Sliver C2 framework.β248Updated last year
- This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.β126Updated last year
- Memory acquisition for Linux that makes sense.β155Updated last year
- Run several volatility plugins at the same timeβ108Updated 2 years ago
- Python tool to check rootkits in Windows kernelβ169Updated last week
- Collection of my volatility3 pluginsβ15Updated 2 months ago
- Repository of Yara Rulesβ88Updated last month
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIRβ544Updated 3 weeks ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!β82Updated last year
- A Python based GUI for volatility. Made by keeping CTFs in focus. Basic memory forensics in Clicks.β42Updated 2 years ago