memoryforensics1 / VolExp
volatility explorer
☆90Updated 3 years ago
Related projects: ⓘ
- Windows symbol tables for Volatility 3☆72Updated 2 months ago
- Volatility3 plugins developed and maintained by the community☆41Updated last year
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.☆99Updated 5 months ago
- Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…☆33Updated 4 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆145Updated 8 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆74Updated 2 years ago
- A small utility to deal with malware embedded hashes.☆48Updated 11 months ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆72Updated last month
- Lazarus analysis tools and research report☆54Updated 8 months ago
- AdHoc solutions☆48Updated last year
- A small util to brute-force prefetch hashes☆73Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆49Updated 4 months ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆80Updated last year
- Use YARA rules on Time Travel Debugging traces☆86Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆190Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆216Updated 6 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆57Updated last year
- ☆75Updated 3 weeks ago
- YARA rule analyzer to improve rule quality and performance☆93Updated 9 months ago
- Elastic Security Labs releases☆46Updated 3 weeks ago
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff☆53Updated 4 months ago
- Cobalt Strike Beacon configuration extractor and parser.☆142Updated 3 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆42Updated last year
- ☆34Updated last year
- Telsy CTI Research Team☆57Updated 3 years ago
- Python based CLI for MalwareBazaar☆36Updated 9 months ago
- Finding secrets in kernel and user memory☆112Updated last year
- Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.☆55Updated last year
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆122Updated 2 years ago
- Scripts to aid analysis of files obfuscated with ScatterBee.☆15Updated last year