mandiant/Volatility-Plugins

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mandiant/Volatility-Plugins)

mandiant / Volatility-Plugins

☆83

Alternatives and similar repositories for Volatility-Plugins

Users that are interested in Volatility-Plugins are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

fireeye / tools
View on GitHub
general purpose and malware specific analysis tools
☆101Oct 22, 2015Updated 10 years ago
mandiant / flare-wmi
View on GitHub
☆433May 3, 2023Updated 2 years ago
forensicmatt / RustyReg
View on GitHub
Registry to JSON. This Project is for learning purposes and is not maintained.
☆12Dec 28, 2021Updated 4 years ago
mandiant / AuditParser
View on GitHub
AuditParser
☆60Aug 28, 2013Updated 12 years ago
mandiant / pycommands
View on GitHub
PyCommand Scripts for Immunity Debugger
☆37Jun 21, 2014Updated 11 years ago
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
mutedmouse / ta-volatility
View on GitHub
Technical add-on to ingest json formatted volatility memory analysis plugin outputs
☆13May 21, 2018Updated 7 years ago
binglot / misc
View on GitHub
Various scrips
☆12Oct 19, 2022Updated 3 years ago
abdesslem / malwareHunter
View on GitHub
Static and automated/dynamic malware analysis
☆47Sep 28, 2015Updated 10 years ago
jjo-sec / volatility_plugins
View on GitHub
Volatility Plugins
☆22May 1, 2015Updated 10 years ago
jschicht / MftCarver
View on GitHub
Carve $MFT records from a chunk of data (for instance a memory dump)
☆16Aug 21, 2016Updated 9 years ago
keydet89 / Tools
View on GitHub
Tools from WFA 4/e, timeline tools, etc.
☆145Feb 29, 2024Updated 2 years ago
i4ki / malelf
View on GitHub
Malware analysis tool
☆22Apr 27, 2025Updated last year
mandiant / rvmi-qemu
View on GitHub
QEMU with rVMI extensions
☆25Jul 25, 2017Updated 8 years ago
mandiant / rvmi-rekall
View on GitHub
Rekall Forensics and Incident Response Framework with rVMI extensions
☆33Mar 25, 2021Updated 5 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
PwCUK-CTO / OperationCloudHopper
View on GitHub
Indicators of compromise relating to our report on APT10's targeting of global MSPs
☆10Sep 26, 2017Updated 8 years ago
grayfold3d / POSH-Triage
View on GitHub
Tools for parsing Forensic images
☆41Dec 14, 2018Updated 7 years ago
0pc0deFR / YaraRules
View on GitHub
Multiple rules for yara-project for detect compiler/packer/protector
☆33Dec 24, 2019Updated 6 years ago
mandiant / ics_mem_collect
View on GitHub
☆31Feb 15, 2017Updated 9 years ago
forensiclunch / ETLParser
View on GitHub
Binary commandline executable to parse ETL files
☆69Jun 7, 2018Updated 7 years ago
fygrave / iocmap
View on GitHub
Indicator of Compromise Mapping Service
☆12Apr 15, 2014Updated 12 years ago
airbus-cert / mispy
View on GitHub
Another MISP module for Python
☆18Feb 17, 2020Updated 6 years ago
mandiant / flare-dbg
View on GitHub
flare-dbg is a project meant to aid malware reverse engineers in rapidly developing debugger scripts.
☆149Oct 5, 2017Updated 8 years ago
strozfriedberg / ntfs-linker
View on GitHub
An NTFS journal parser
☆80Mar 3, 2016Updated 10 years ago
End-to-end encrypted email - Proton Mail • Ad
Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
504ensicsLabs / DAMM
View on GitHub
Differential Analysis of Malware in Memory
☆217Apr 16, 2017Updated 9 years ago
superponible / volatility-plugins
View on GitHub
Plugins I've written for Volatility
☆217Dec 1, 2023Updated 2 years ago
tomchop / volatility-autoruns
View on GitHub
Autoruns plugin for the Volatility framework
☆123Jul 18, 2019Updated 6 years ago
jschicht / ExtractUsnJrnl
View on GitHub
Tool to extract the $UsnJrnl from an NTFS volume
☆109Jul 30, 2019Updated 6 years ago
airbus-cert / regrippy
View on GitHub
A modern Python-3-based alternative to RegRipper
☆213Mar 31, 2025Updated last year
mandiant / iocs
View on GitHub
FireEye Publicly Shared Indicators of Compromise (IOCs)
☆472Jan 19, 2019Updated 7 years ago
jschicht / Indx2Csv
View on GitHub
An advanced parser for INDX records
☆29Aug 7, 2019Updated 6 years ago
mdegrazia / Google-Analytic-Parser
View on GitHub
Parses for Google Analytic values in raw files like RAM, DD images etc.
☆18Apr 17, 2016Updated 10 years ago
glassdfir / SysmonMapper
View on GitHub
Maps process creation logged by Sysmon uses Google Org Chart API
☆23Mar 5, 2016Updated 10 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
bluecloudws / ioceditor
View on GitHub
IOC-EDT is an open source web based tool for creating indicators of compromise in the OpenIOC (http://www.openioc.org) format.
☆18May 10, 2014Updated 11 years ago
citizenlab / malware-signatures
View on GitHub
Yara rules for malware families seen as part of targeted threats project
☆141Nov 17, 2016Updated 9 years ago
2igosha / sunburst_dga
View on GitHub
☆22Dec 22, 2020Updated 5 years ago
504ensicsLabs / find_times
View on GitHub
Discover potential timestamps within the Windows Registry
☆19Apr 22, 2014Updated 12 years ago
lolnate / vt-hunter
View on GitHub
Automation for VirusTotal
☆31May 6, 2016Updated 9 years ago
woanware / autorunner
View on GitHub
Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing
☆55May 18, 2019Updated 6 years ago
Ptr32Void / AnalysisScript
View on GitHub
List of scripts used for malware analysis
☆15Aug 10, 2015Updated 10 years ago