p0dalirius / volatility3-symbols
Memory mapping profiles (symbol tables) for forensic analysis using Volatility 3
☆26Updated 3 years ago
Alternatives and similar repositories for volatility3-symbols
Users interested in volatility3-symbols are comparing it to the repositories listed below (star count and last update as captured):
- Memory mapping profiles for forensic analysis using Volatility 2 (☆47, updated 2 years ago)
- ☆92, updated last year
- Local and remote Windows DLL proxying (☆164, updated 11 months ago)
- Finding secrets in kernel and user memory (☆116, updated last year)
- ☆183, updated 2 years ago
- A collection of Python scripts for working with Microsoft RPC for research purposes (☆45, updated 4 months ago)
- PowerShell linter (☆53, updated last month)
- ☆147, updated last year
- CVE-2023-34362: MOVEit Transfer unauthenticated RCE (☆64, updated last year)
- ☆59, updated last year
- Collection of my volatility3 plugins (☆18, updated 9 months ago)
- Uses the Windows API to traverse directories and locate DLL files with RWX sections (☆103, updated last year)
- MSI Dump: a tool that analyzes malicious MSI installation packages, extracts files, streams and binary data, and incorporates a YARA scanner (☆212, updated 2 years ago)
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io (☆82, updated last year)
- Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers (☆121, updated 8 months ago)
- SHELLSILO is a tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce… (☆131, updated 6 months ago)
- OUned: automating Active Directory Organizational Unit ACL exploitation through gPLink poisoning (☆115, updated 2 months ago)
- A collection of tools and rules for decoding Brute Ratel C4 badgers (☆62, updated 2 years ago)
- A variation of ProcessOverwriting to execute shellcode in an executable's section (☆148, updated last year)
- ☆155, updated 5 months ago
- PoCs of RCEs against open source C2 servers (☆81, updated 8 months ago)
- WTSImpersonator uses WTSQueryUserToken to steal user tokens by abusing the RPC named pipe "\\pipe\LSM_API_service" (☆119, updated 11 months ago)
- A collection of tools and detections for the Sliver C2 framework (☆126, updated 2 years ago)
- ☆78, updated last year
- Example code samples from our ScriptBlock Smuggling blog post (☆90, updated 11 months ago)
- Cheat sheet to detect and remove Linux kernel rootkits (☆61, updated 5 months ago)
- ☆20, updated last year
- A tool to impersonate logged-on users without touching LSASS (including non-interactive sessions) (☆93, updated 2 years ago)
- ☆36, updated 6 months ago
- A simple PoC that abuses Backup Operator privileges to remotely dump the SAM, SYSTEM and SECURITY hives (☆83, updated 3 years ago)