Rekall Memory Forensic Framework
☆33Aug 5, 2019Updated 6 years ago
Alternatives and similar repositories for win10_rekall
Users that are interested in win10_rekall are comparing it to the libraries listed below
Sorting:
- ☆24Aug 30, 2019Updated 6 years ago
- An advanced memory forensics framework☆96Sep 26, 2019Updated 6 years ago
- A 64 bit OS☆10Nov 12, 2025Updated 3 months ago
- ☆51Apr 13, 2020Updated 5 years ago
- A debugger in Python for Cisco c3560☆10Apr 24, 2018Updated 7 years ago
- ☆11Mar 12, 2021Updated 4 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- Indicator of Compromise Scanner for CVE-2019-19781☆94Mar 25, 2020Updated 5 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- Rekall Forensics and Incident Response Framework with rVMI extensions☆33Mar 25, 2021Updated 4 years ago
- Public exploits☆16May 28, 2018Updated 7 years ago
- ☆24Apr 22, 2025Updated 10 months ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- PoC for CVE-2019-10207☆20Mar 27, 2022Updated 3 years ago
- It's not just UsnJrnl (USN Journal Records/Change Journal Records) parser.☆23Nov 11, 2018Updated 7 years ago
- A suite of Volatility 3 plugins for memory forensics of Docker containers☆18Jan 10, 2024Updated 2 years ago
- Fixed memory overflow issue in ProcessHider.☆16May 27, 2018Updated 7 years ago
- Extract compressed memory pages from page-aligned data☆47Sep 25, 2018Updated 7 years ago
- AntiFuzz: Impeding Fuzzing Audits of Binary Executables☆104Mar 25, 2021Updated 4 years ago
- This project is a lightweight wrapper for interacting with WMI using python/ctypes☆38Apr 6, 2019Updated 6 years ago
- Python bindings for https://github.com/omerbenamram/mft☆23Dec 23, 2025Updated 2 months ago
- Library for Windows XML Event Log (EVTX) data types☆18Dec 17, 2025Updated 2 months ago
- Ghidra analyzer for UEFI firmware.☆18Jun 24, 2023Updated 2 years ago
- Basic tool to automate backdooring PE files☆56Feb 24, 2022Updated 4 years ago
- ☆19Jun 20, 2019Updated 6 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆19Jul 15, 2021Updated 4 years ago
- Site for IWS book content☆17Oct 28, 2018Updated 7 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Sep 18, 2018Updated 7 years ago
- Based on http://windows-internals.com/source/files.html by Alex Ionescu☆28Apr 14, 2019Updated 6 years ago
- Automated library compilation and PDB annotation with CMake and IDA Pro☆21Sep 20, 2018Updated 7 years ago
- iknowthis Linux SystemCall Fuzzer☆20Apr 18, 2019Updated 6 years ago
- ☆22Jul 6, 2018Updated 7 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Apr 10, 2024Updated last year
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 6 years ago
- ☆31Feb 15, 2017Updated 9 years ago
- Recover event log entries from an image by heurisitically looking for record structures.☆26Oct 9, 2015Updated 10 years ago
- A PowerShell function that scans for the existence of a Sticky Keys backdoor.☆24Aug 10, 2017Updated 8 years ago
- A generic security incident response playbook investigating and responding to potential compromises of Okta's internal systems, in the co…☆20Mar 24, 2022Updated 3 years ago