mandiant / rvmi-rekall
Rekall Forensics and Incident Response Framework with rVMI extensions
☆33 · Mar 25, 2021 · updated 4 years ago
Alternatives and similar repositories for rvmi-rekall
Users that are interested in rvmi-rekall are comparing it to the libraries listed below
- Linux-KVM with rVMI extensions (☆22, Aug 28, 2017, updated 8 years ago)
- QEMU with rVMI extensions (☆25, Jul 25, 2017, updated 8 years ago)
- Azure Deployment Templates for Mandiant Managed Hunting (☆12, Jun 1, 2023, updated 2 years ago)
- Carve $MFT records from a chunk of data (for instance a memory dump) (☆16, Aug 21, 2016, updated 9 years ago)
- (☆82, Jul 5, 2016, updated 9 years ago)
- rVMI - A New Paradigm For Full System Analysis (☆359, Oct 4, 2017, updated 8 years ago)
- (☆10, Nov 21, 2023, updated 2 years ago)
- DEPRECATED avatar-panda repository; please use https://github.com/panda-re/panda (☆13, Mar 19, 2021, updated 4 years ago)
- Poison Ivy Appendix/Extras (☆18, Aug 21, 2013, updated 12 years ago)
- Dalvik Header Plugin for IDA Pro (☆23, Jan 22, 2013, updated 13 years ago)
- Capstone Engine bindings on PHP 7.0+ (☆12, Sep 22, 2022, updated 3 years ago)
- Konrads' Pen-Ultimate (Windows) Log File Parser (☆14, Dec 27, 2025, updated last month)
- A simple utility to check the status of and/or disable SMBv1 on Windows systems via Cb Response's Live Response functionality. (☆15, May 28, 2019, updated 6 years ago)
- please use https://github.com/fireeye/vivisect instead (☆16, Oct 21, 2025, updated 3 months ago)
- Utilities for the memory forensics framework (☆22, Jul 31, 2018, updated 7 years ago)
- No-Script Automation Tool (☆56, Aug 6, 2018, updated 7 years ago)
- 🔥 A repository for collecting cyberdefense thoughts, books, and documents about AI cyberdefense (☆13, Jul 2, 2023, updated 2 years ago)
- Mac OS X forensics tools (☆12, Nov 28, 2020, updated 5 years ago)
- Repository to store the Threat Reports made by the McAfee Enterprise ATR Team (☆10, Oct 11, 2018, updated 7 years ago)
- Resources for HFS+ Forensics (☆37, Nov 15, 2015, updated 10 years ago)
- (☆17, Apr 13, 2018, updated 7 years ago)
- Basic x86 Symbolic Execution for educational purposes (☆18, May 8, 2017, updated 8 years ago)
- This script dynamically decodes and executes a Base64 encoded Mimikatz script, allowing users to bypass security measures and run specifi… (☆20, Jul 9, 2024, updated last year)
- messing around writing reversing tools in clojure (☆15, Nov 9, 2017, updated 8 years ago)
- Pdf File : Exfiltration and Uploading DATA by DNS Traffic (AAAA Records) (☆10, Jun 7, 2023, updated 2 years ago)
- This repository provides a comprehensive Digital Footprint Checklist to help individuals manage their online presence and enhance privacy… (☆17, Dec 25, 2024, updated last year)
- Incident Response Triage - Windows Evidence Collection for Forensic Analysis (☆136, Apr 21, 2016, updated 9 years ago)
- Indices for courses in SANS' Network Security Operations curriculum (☆17, Feb 5, 2016, updated 10 years ago)
- EnCase Script to parse hard drive for MFT data (☆16, Jun 17, 2016, updated 9 years ago)
- It's not just UsnJrnl (USN Journal Records/Change Journal Records) parser. (☆23, Nov 11, 2018, updated 7 years ago)
- A GC link parser for both linkfiles and jumplists. (☆18, Oct 28, 2016, updated 9 years ago)
- DeployREMnux is a Python script that will deploy a cloud instance of the public REMnux distribution in the Amazon cloud (AWS). (☆16, Dec 20, 2019, updated 6 years ago)
- An advanced memory forensics framework (☆96, Sep 26, 2019, updated 6 years ago)
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans (☆40, Dec 14, 2018, updated 7 years ago)
- This project is a lightweight wrapper for interacting with WMI using python/ctypes (☆38, Apr 6, 2019, updated 6 years ago)
- Python bindings for ssdeep (☆90, Feb 6, 2022, updated 4 years ago)
- PowerShell script to bypass UAC using DCCW (☆19, Jul 29, 2017, updated 8 years ago)
- Extract unencrypted SSH keys from pageant memory dump (☆15, Oct 3, 2015, updated 10 years ago)
- Python OpenIOC Editor (☆18, Dec 28, 2015, updated 10 years ago)