Alternatives and similar repositories for volatility-plugins

Users that are interested in volatility-plugins are comparing it to the libraries listed below

• volatilityfoundation / community
  Volatility plugins developed and maintained by the community
  ☆365Updated 4 years ago
• DidierStevens / Beta
  Beta versions of my software
  ☆259Updated last month
• volatilityfoundation / profiles
  Volatility profiles for Linux and Mac OS X
  ☆325Updated 2 years ago
• ANSSI-FR / bmc-tools
  RDP Bitmap Cache parser
  ☆549Updated 6 months ago
• mandiant / win10_volatility
  An advanced memory forensics framework
  ☆96Updated 5 years ago
• R3MRUM / PSDecode
  PowerShell script for deobfuscating encoded PowerShell scripts
  ☆425Updated 4 years ago
• kevthehermit / volatility_plugins
  Volatility Plugins
  ☆64Updated 2 years ago
• f0wl / MalwareLab_VM-Setup
  Setup scripts for my Malware Analysis VMs
  ☆254Updated 3 years ago
• OALabs / BlobRunner
  Quickly debug shellcode extracted during malware analysis
  ☆606Updated 2 years ago
• hiddenillusion / AnalyzePE
  Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.
  ☆206Updated 11 years ago
• EricZimmerman / AmcacheParser
  Parses amcache.hve files, but with a twist!
  ☆140Updated 6 months ago
• mandiant / Vulnerability-Disclosures
  ☆206Updated last month
• JPCERTCC / aa-tools
  Artifact analysis tools by JPCERT/CC Analysis Center
  ☆460Updated last year
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆139Updated 2 years ago
• SafeEval / practical-malware-analysis
  Exercise writeups from the book Practical Malware Analysis.
  ☆226Updated last year
• DissectMalware / XLMMacroDeobfuscator
  Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
  ☆583Updated last year
• silence-is-best / c2db
  c2 traffic
  ☆189Updated 2 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆135Updated 2 years ago
• davidpany / WMI_Forensics
  ☆304Updated 4 years ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆220Updated 5 years ago
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 5 years ago
• Grazfather / PracticalMalwareLabs
  Keep track of the labs from the book "Practical Malware Analysis"
  ☆171Updated 6 years ago
• DarkenCode / yara-rules
  Repository of yara rules
  ☆46Updated 9 years ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆213Updated 3 years ago
• kirk-sayre-work / VBASeismograph
  A tool for detecting VBA stomping.
  ☆100Updated 3 years ago
• pentesteracademy / patoolkit
  PA Toolkit is a collection of traffic analysis plugins focused on security
  ☆433Updated 5 years ago
• netspooky / inhale
  A malware analysis and classification tool.
  ☆190Updated 3 years ago
• felixweyne / imaginaryC2
  Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …
  ☆447Updated 2 years ago
• BSI-Bund / RdpCacheStitcher
  RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
  ☆283Updated last year
• Te-k / cobaltstrike
  Code and yara rules to detect and analyze Cobalt Strike
  ☆269Updated 4 years ago