memoryforensics1 / VolExpLinks
volatility explorer
☆91Updated 4 years ago
Alternatives and similar repositories for VolExp
Users that are interested in VolExp are comparing it to the libraries listed below
Sorting:
- QuasarRAT analysis tools and research report☆27Updated last year
- Lazarus analysis tools and research report☆56Updated last year
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff☆56Updated last month
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- A small utility to deal with malware embedded hashes.☆52Updated last year
- Volatility3 plugins developed and maintained by the community☆59Updated 2 years ago
- ☆24Updated last year
- AdHoc solutions☆48Updated last year
- Unpacking and decryption tools for the Emotet malware☆45Updated 3 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- ☆22Updated last year
- A powershell parser for https://github.com/ufrisk/MemProcFS☆44Updated 4 years ago
- ☆15Updated 3 years ago
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- ☆34Updated 2 years ago
- A small util to brute-force prefetch hashes☆78Updated 3 years ago
- Imphash-like calculation on Golang binaries☆49Updated 3 years ago
- ☆23Updated 5 years ago
- ☆22Updated 2 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 3 years ago
- bad stuffs by bad guys☆48Updated 3 years ago
- Volatility Explorer Suit☆66Updated 2 years ago
- YARI is an interactive debugger for YARA Language.☆88Updated 2 months ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.☆136Updated 3 weeks ago
- Batch script to compile a binary shellcode blob into an exe file☆88Updated 6 years ago
- ☆45Updated 2 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated 2 years ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Updated last year
- Tools that trigger False Positive AV alerts☆50Updated 8 months ago
- Repository of Yara rules created by the Stratosphere team☆26Updated 4 years ago