☆82Jul 5, 2016Updated 9 years ago
Alternatives and similar repositories for Volatility-Plugins
Users that are interested in Volatility-Plugins are comparing it to the libraries listed below
Sorting:
- general purpose and malware specific analysis tools☆101Oct 22, 2015Updated 10 years ago
- ☆432May 3, 2023Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- AuditParser☆60Aug 28, 2013Updated 12 years ago
- PyCommand Scripts for Immunity Debugger☆37Jun 21, 2014Updated 11 years ago
- Technical add-on to ingest json formatted volatility memory analysis plugin outputs☆13May 21, 2018Updated 7 years ago
- Various scrips☆12Oct 19, 2022Updated 3 years ago
- Static and automated/dynamic malware analysis☆47Sep 28, 2015Updated 10 years ago
- Volatility Plugins☆22May 1, 2015Updated 10 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Tools from WFA 4/e, timeline tools, etc.☆145Feb 29, 2024Updated 2 years ago
- Malware analysis tool☆22Apr 27, 2025Updated 10 months ago
- QEMU with rVMI extensions☆25Jul 25, 2017Updated 8 years ago
- Rekall Forensics and Incident Response Framework with rVMI extensions☆33Mar 25, 2021Updated 4 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Sep 26, 2017Updated 8 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Dec 24, 2019Updated 6 years ago
- ☆31Feb 15, 2017Updated 9 years ago
- Binary commandline executable to parse ETL files☆69Jun 7, 2018Updated 7 years ago
- Indicator of Compromise Mapping Service☆12Apr 15, 2014Updated 11 years ago
- Another MISP module for Python☆18Feb 17, 2020Updated 6 years ago
- flare-dbg is a project meant to aid malware reverse engineers in rapidly developing debugger scripts.☆149Oct 5, 2017Updated 8 years ago
- An NTFS journal parser☆80Mar 3, 2016Updated 10 years ago
- Differential Analysis of Malware in Memory☆216Apr 16, 2017Updated 8 years ago
- Plugins I've written for Volatility☆216Dec 1, 2023Updated 2 years ago
- Autoruns plugin for the Volatility framework☆123Jul 18, 2019Updated 6 years ago
- Tool to extract the $UsnJrnl from an NTFS volume☆109Jul 30, 2019Updated 6 years ago
- A modern Python-3-based alternative to RegRipper☆208Mar 31, 2025Updated 11 months ago
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆473Jan 19, 2019Updated 7 years ago
- An advanced parser for INDX records☆29Aug 7, 2019Updated 6 years ago
- Parses for Google Analytic values in raw files like RAM, DD images etc.☆18Apr 17, 2016Updated 9 years ago
- Maps process creation logged by Sysmon uses Google Org Chart API☆23Mar 5, 2016Updated 10 years ago
- IOC-EDT is an open source web based tool for creating indicators of compromise in the OpenIOC (http://www.openioc.org) format.☆18May 10, 2014Updated 11 years ago
- Yara rules for malware families seen as part of targeted threats project☆141Nov 17, 2016Updated 9 years ago
- ☆22Dec 22, 2020Updated 5 years ago
- Discover potential timestamps within the Windows Registry☆19Apr 22, 2014Updated 11 years ago
- Automation for VirusTotal☆31May 6, 2016Updated 9 years ago
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing☆55May 18, 2019Updated 6 years ago
- List of scripts used for malware analysis☆15Aug 10, 2015Updated 10 years ago