mandiant/win10_volatility external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mandiant/win10_volatility

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mandiant/win10_volatility)

Close

mandiant / win10_volatilityView on GitHubMore

• External links
• Readme badge

An advanced memory forensics framework

☆96Sep 26, 2019Updated 6 years ago

Alternatives and similar repositories for win10_volatility

Users that are interested in win10_volatility are comparing it to the libraries listed below

• mandiant / win10_rekall

  View on GitHub
  Rekall Memory Forensic Framework
  ☆33Aug 5, 2019Updated 6 years ago
• mandiant / vivisect

  View on GitHub
  pure Python binary analysis framework
  ☆23Oct 26, 2018Updated 7 years ago
• 4n6ist / usn_analytics

  View on GitHub
  It's not just UsnJrnl (USN Journal Records/Change Journal Records) parser.
  ☆23Nov 11, 2018Updated 7 years ago
• x64dbg / x64dbgpy3

  View on GitHub
  WIP python3 plugin for x64dbg
  ☆16Mar 31, 2021Updated 4 years ago
• msuhanov / registry-miner

  View on GitHub
  Registry Miner
  ☆14Apr 10, 2018Updated 7 years ago
• mandiant / flare-kscldr

  View on GitHub
  FLARE Kernel Shellcode Loader
  ☆178May 3, 2019Updated 6 years ago
• kasif-dekel / random-stuff

  View on GitHub
  bunch of random stuff
  ☆21Apr 11, 2020Updated 5 years ago
• aleksost / MemoryDecompression

  View on GitHub
  Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.
  ☆51Apr 9, 2019Updated 6 years ago
• 0xd0cf11e / ghidra

  View on GitHub
  Anything related to Ghidra
  ☆12Apr 22, 2019Updated 6 years ago
• ZehMatt / DrCodeCov

  View on GitHub
  Code Coverage client for DynamoRIO
  ☆12Jan 20, 2019Updated 7 years ago
• mandiant / rvmi-rekall

  View on GitHub
  Rekall Forensics and Incident Response Framework with rVMI extensions
  ☆33Mar 25, 2021Updated 4 years ago
• revolver-ocelot-saa / GhidraX64Dbg

  View on GitHub
  Extract annoations from Ghidra into an X32/X64 dbg database
  ☆57Feb 24, 2021Updated 5 years ago
• RceNinja / Re-Scripts

  View on GitHub
  ☆35Jul 20, 2021Updated 4 years ago
• robomotic / pemeta

  View on GitHub
  Simple tool to extract icons from a pe file and other useful information
  ☆13Jun 22, 2018Updated 7 years ago
• Velocidex / c-aff4

  View on GitHub
  An AFF4 C++ implementation.
  ☆214Mar 24, 2023Updated 2 years ago
• kacos2000 / WinHex_Templates

  View on GitHub
  X-Ways Forensic/ WinHex templates
  ☆50Jan 25, 2022Updated 4 years ago
• mandiant / win10_auto

  View on GitHub
  ☆24Aug 30, 2019Updated 6 years ago
• matonis / page_brute

  View on GitHub
  Page File analysis tools.
  ☆131Dec 3, 2015Updated 10 years ago
• ydkhatri / Appx-Analysis

  View on GitHub
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆19Feb 26, 2024Updated 2 years ago
• BitsOfBinary / ghidra-scripts

  View on GitHub
  My collection of scripts for Ghidra (https://github.com/NationalSecurityAgency/ghidra)
  ☆10Sep 13, 2020Updated 5 years ago
• Silv3rHorn / autoripy

  View on GitHub
  Attempt to replicate the functions of auto_rip by Corey Harrell in Python.
  ☆12Aug 4, 2024Updated last year
• daveherrald / SA_plaso-app-for-splunk

  View on GitHub
  ☆16Apr 16, 2017Updated 8 years ago
• mandiant / DFUR-Splunk-App

  View on GitHub
  The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.
  ☆13Sep 9, 2020Updated 5 years ago
• ydkhatri / macOS_FE

  View on GitHub
  Tools for macOS Forensic Bootable media
  ☆15May 20, 2020Updated 5 years ago
• mandiant / pulsesecure_exploitation_countermeasures

  View on GitHub
  ☆23Jun 1, 2023Updated 2 years ago
• jschicht / Indx2Csv

  View on GitHub
  An advanced parser for INDX records
  ☆29Aug 7, 2019Updated 6 years ago
• mandiant / flare-wmi

  View on GitHub
  ☆432May 3, 2023Updated 2 years ago
• kacos2000 / WindowsTimeline

  View on GitHub
  Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
  ☆196Feb 16, 2023Updated 3 years ago
• d00rt / emotet_research

  View on GitHub
  ☆136Jan 24, 2019Updated 7 years ago
• airbus-cert / regrippy

  View on GitHub
  A modern Python-3-based alternative to RegRipper
  ☆205Mar 31, 2025Updated 11 months ago
• jschicht / UsnJrnl2Csv

  View on GitHub
  Parser for $UsnJrnl on NTFS
  ☆120Nov 27, 2022Updated 3 years ago
• zerber0s / mac_int

  View on GitHub
  macOS Artifact Intelligence Tool
  ☆13Apr 30, 2019Updated 6 years ago
• Recruit-CSIRT / LinuxTriage

  View on GitHub
  R-CSIRT Linux Triage tool
  ☆39Jun 28, 2018Updated 7 years ago
• shamrockhoax / mazedecoder

  View on GitHub
  ☆29May 10, 2020Updated 5 years ago
• fireeye / brocapi

  View on GitHub
  Bro PCAP Processing and Tagging API
  ☆28Nov 9, 2017Updated 8 years ago
• msuhanov / dfir_ntfs

  View on GitHub
  An NTFS/FAT parser for digital forensics & incident response
  ☆220Oct 31, 2025Updated 4 months ago
• carbonblack / binee

  View on GitHub
  Binee: binary emulation environment
  ☆530Feb 25, 2023Updated 3 years ago
• Silv3rHorn / 4n6_misc

  View on GitHub
  Miscellaneous Scripts
  ☆17Sep 11, 2020Updated 5 years ago
• ppt0 / easyhunting

  View on GitHub
  Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way
  ☆19Jun 6, 2022Updated 3 years ago