memoryforensics1 / VolExpLinks
volatility explorer
☆91Updated 4 years ago
Alternatives and similar repositories for VolExp
Users that are interested in VolExp are comparing it to the libraries listed below
Sorting:
- Volatility3 plugins developed and maintained by the community☆58Updated 2 years ago
- Volatility Explorer Suit☆65Updated 2 years ago
- Windows symbol tables for Volatility 3☆87Updated 11 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- A small utility to deal with malware embedded hashes.☆51Updated last year
- Lazarus analysis tools and research report☆56Updated last year
- QuasarRAT analysis tools and research report☆27Updated last year
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff☆54Updated 4 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- ☆34Updated 2 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆167Updated this week
- Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality☆83Updated 2 years ago
- ☆24Updated last year
- A small util to brute-force prefetch hashes☆77Updated 3 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 2 years ago
- Manipulate timestamps on NTFS☆52Updated 10 years ago
- An advanced memory forensics framework☆94Updated 5 years ago
- YARA rule analyzer to improve rule quality and performance☆102Updated 2 months ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.☆128Updated 6 months ago
- Batch script to compile a binary shellcode blob into an exe file☆86Updated 5 years ago
- Volatility Plugins☆63Updated last year
- Telsy CTI Research Team☆57Updated 4 years ago
- Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…☆50Updated 5 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆167Updated 2 years ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆125Updated 3 years ago
- Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.☆61Updated last year
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆36Updated 2 years ago
- Volatility Symbol Generator for Linux Kernels☆35Updated last year
- Unpacking and decryption tools for the Emotet malware☆47Updated 3 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆44Updated 4 years ago