microsoft / avmlLinks
AVML - Acquire Volatile Memory for Linux
☆955Updated this week
Alternatives and similar repositories for avml
Users that are interested in avml are comparing it to the libraries listed below
Sorting:
- RegRipper3.0☆615Updated 6 months ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆591Updated 2 weeks ago
- A Fast (and safe) parser for the Windows XML Event Log (EVTX) format☆762Updated 3 months ago
- A rewrite of YARA in Rust.☆802Updated this week
- Distributed malware processing framework based on Python, Redis and S3.☆430Updated last week
- Indicators of Compromises (IOC) of our various investigations☆1,788Updated 2 weeks ago
- ReversingLabs YARA Rules☆823Updated last week
- Digital Forensics artifact repository☆1,129Updated 5 months ago
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system☆1,149Updated this week
- Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts…☆1,012Updated last month
- The multi-platform memory acquisition tool.☆801Updated 6 months ago
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …☆994Updated 2 weeks ago
- Repository of YARA rules made by Trellix ATR Team☆600Updated 3 months ago
- yarGen is a generator for YARA rules☆1,654Updated 2 months ago
- Sysmon for Linux☆1,900Updated last month
- Signatures and IoCs from public Volexity blog posts.☆355Updated last month
- This repository serves as a place for community created Targets and Modules for use with KAPE.☆742Updated this week
- Rekall Memory Forensic Framework☆1,960Updated 4 years ago
- Sophos-originated indicators-of-compromise from published reports☆599Updated 2 weeks ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,160Updated 2 months ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…☆479Updated 8 months ago
- LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices…☆1,826Updated 8 months ago
- Super timeline all the things☆1,866Updated 3 weeks ago
- Online hash checker for Virustotal and other services☆829Updated 3 months ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆635Updated this week
- High Octane Triage Analysis☆734Updated this week
- YARA signature and IOC database for my scanners and tools☆2,657Updated 3 weeks ago
- Volatility plugins developed and maintained by the community☆364Updated 4 years ago
- The Volatility Collaborative GUI☆246Updated last week
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆708Updated 2 years ago