☆82Jul 5, 2016Updated 9 years ago
Alternatives and similar repositories for Volatility-Plugins
Users that are interested in Volatility-Plugins are comparing it to the libraries listed below
Sorting:
- Technical add-on to ingest json formatted volatility memory analysis plugin outputs☆13May 21, 2018Updated 7 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- general purpose and malware specific analysis tools☆101Oct 22, 2015Updated 10 years ago
- PyCommand Scripts for Immunity Debugger☆37Jun 21, 2014Updated 11 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Sep 26, 2017Updated 8 years ago
- Tools from WFA 4/e, timeline tools, etc.☆145Feb 29, 2024Updated 2 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Static and automated/dynamic malware analysis☆47Sep 28, 2015Updated 10 years ago
- Malware analysis tool☆22Apr 27, 2025Updated 10 months ago
- Various scrips☆12Oct 19, 2022Updated 3 years ago
- ☆432May 3, 2023Updated 2 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- AuditParser☆60Aug 28, 2013Updated 12 years ago
- Rekall Forensics and Incident Response Framework with rVMI extensions☆33Mar 25, 2021Updated 4 years ago
- Volatility Plugins☆22May 1, 2015Updated 10 years ago
- Page File analysis tools.☆131Dec 3, 2015Updated 10 years ago
- A modern Python-3-based alternative to RegRipper☆205Mar 31, 2025Updated 11 months ago
- Plugins I've written for Volatility☆216Dec 1, 2023Updated 2 years ago
- Discover potential timestamps within the Windows Registry☆19Apr 22, 2014Updated 11 years ago
- IOC-EDT is an open source web based tool for creating indicators of compromise in the OpenIOC (http://www.openioc.org) format.☆18May 10, 2014Updated 11 years ago
- QEMU with rVMI extensions☆25Jul 25, 2017Updated 8 years ago
- flare-dbg is a project meant to aid malware reverse engineers in rapidly developing debugger scripts.☆149Oct 5, 2017Updated 8 years ago
- List of scripts used for malware analysis☆15Aug 10, 2015Updated 10 years ago
- Binary commandline executable to parse ETL files☆69Jun 7, 2018Updated 7 years ago
- Differential Analysis of Malware in Memory☆216Apr 16, 2017Updated 8 years ago
- ☆280Apr 6, 2023Updated 2 years ago
- Various snippets created during malware analysis☆22Apr 29, 2018Updated 7 years ago
- Site for IWS book content☆17Oct 28, 2018Updated 7 years ago
- Indicator of Compromise Mapping Service☆12Apr 15, 2014Updated 11 years ago
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing☆55May 18, 2019Updated 6 years ago
- Packed Malware Analyzer (PACKMAN)☆12Jan 31, 2016Updated 10 years ago
- Automation for VirusTotal☆31May 6, 2016Updated 9 years ago
- officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the …☆16Apr 28, 2016Updated 9 years ago
- Another MISP module for Python☆18Feb 17, 2020Updated 6 years ago
- Yara rules for malware families seen as part of targeted threats project☆141Nov 17, 2016Updated 9 years ago
- Tool to extract the $UsnJrnl from an NTFS volume☆109Jul 30, 2019Updated 6 years ago
- Maps process creation logged by Sysmon uses Google Org Chart API☆23Mar 5, 2016Updated 9 years ago
- Recover event log entries from an image by heurisitically looking for record structures.☆26Oct 9, 2015Updated 10 years ago
- ☆22Dec 22, 2020Updated 5 years ago