mandiant / win10_rekallView external linksLinks
Rekall Memory Forensic Framework
☆33Aug 5, 2019Updated 6 years ago
Alternatives and similar repositories for win10_rekall
Users that are interested in win10_rekall are comparing it to the libraries listed below
Sorting:
- ☆24Aug 30, 2019Updated 6 years ago
- An advanced memory forensics framework☆96Sep 26, 2019Updated 6 years ago
- A 64 bit OS☆10Nov 12, 2025Updated 3 months ago
- Exploits I've authored☆60Aug 13, 2019Updated 6 years ago
- A debugger in Python for Cisco c3560☆10Apr 24, 2018Updated 7 years ago
- Indicator of Compromise Scanner for CVE-2019-19781☆94Mar 25, 2020Updated 5 years ago
- ☆11Mar 12, 2021Updated 4 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 7 months ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Mac osx forensics tools☆12Nov 28, 2020Updated 5 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated last year
- ☆24Apr 22, 2025Updated 9 months ago
- Public exploits☆16May 28, 2018Updated 7 years ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way☆19Jun 6, 2022Updated 3 years ago
- PoC for CVE-2019-10207☆20Mar 27, 2022Updated 3 years ago
- Fixed memory overflow issue in ProcessHider.☆16May 27, 2018Updated 7 years ago
- A suite of Volatility 3 plugins for memory forensics of Docker containers☆18Jan 10, 2024Updated 2 years ago
- This project is a lightweight wrapper for interacting with WMI using python/ctypes☆38Apr 6, 2019Updated 6 years ago
- Vocabulary Scraper script used in FLARE's analysis of Russian-language Carbanak source code☆37Apr 22, 2019Updated 6 years ago
- Ghidra analyzer for UEFI firmware.☆18Jun 24, 2023Updated 2 years ago
- Python bindings for https://github.com/omerbenamram/mft☆23Dec 23, 2025Updated last month
- Library for Windows XML Event Log (EVTX) data types☆18Dec 17, 2025Updated last month
- A tool for fuzzing for ports that allow outgoing connections☆17Oct 15, 2018Updated 7 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Jul 15, 2021Updated 4 years ago
- Site for IWS book content☆17Oct 28, 2018Updated 7 years ago
- High-level Threat Intelligence playbooks☆20Mar 6, 2021Updated 4 years ago
- ☆19Jun 20, 2019Updated 6 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Sep 18, 2018Updated 7 years ago
- ☆22Jul 6, 2018Updated 7 years ago
- Automated library compilation and PDB annotation with CMake and IDA Pro☆23Sep 20, 2018Updated 7 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Apr 10, 2024Updated last year
- Recover event log entries from an image by heurisitically looking for record structures.☆26Oct 9, 2015Updated 10 years ago
- A generic security incident response playbook investigating and responding to potential compromises of Okta's internal systems, in the co…☆20Mar 24, 2022Updated 3 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 5 years ago
- This repository contains free Hybrid Analysis contributions to the IT-Security community☆27May 6, 2021Updated 4 years ago
- A PowerShell function that scans for the existence of a Sticky Keys backdoor.☆24Aug 10, 2017Updated 8 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 4 months ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆83Aug 4, 2021Updated 4 years ago