Alternatives and similar repositories for volatility-plugins:

Users that are interested in volatility-plugins are comparing it to the libraries listed below

• volatilityfoundation / community
  Volatility plugins developed and maintained by the community
  ☆359Updated 4 years ago
• volatilityfoundation / profiles
  Volatility profiles for Linux and Mac OS X
  ☆322Updated 2 years ago
• ANSSI-FR / bmc-tools
  RDP Bitmap Cache parser
  ☆523Updated 3 months ago
• DidierStevens / Beta
  Beta versions of my software
  ☆251Updated this week
• mandiant / win10_volatility
  An advanced memory forensics framework
  ☆95Updated 5 years ago
• f0wl / MalwareLab_VM-Setup
  Setup scripts for my Malware Analysis VMs
  ☆252Updated 3 years ago
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆137Updated 2 years ago
• OALabs / BlobRunner
  Quickly debug shellcode extracted during malware analysis
  ☆602Updated last year
• tomchop / volatility-autoruns
  Autoruns plugin for the Volatility framework
  ☆121Updated 5 years ago
• hiddenillusion / AnalyzePE
  Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.
  ☆205Updated 11 years ago
• R3MRUM / PSDecode
  PowerShell script for deobfuscating encoded PowerShell scripts
  ☆425Updated 4 years ago
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 4 years ago
• davidpany / WMI_Forensics
  ☆302Updated 4 years ago
• decalage2 / oledump-contrib
  The oledump-contrib repository contains plugins and enhancements for the oledump tool published by Didier Stevens.
  ☆52Updated 8 years ago
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆192Updated last month
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆208Updated 3 years ago
• felixweyne / imaginaryC2
  Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …
  ☆447Updated 2 years ago
• silence-is-best / c2db
  c2 traffic
  ☆188Updated 2 years ago
• kevthehermit / VolUtility
  Web App for Volatility framework
  ☆380Updated 5 months ago
• Grazfather / PracticalMalwareLabs
  Keep track of the labs from the book "Practical Malware Analysis"
  ☆170Updated 5 years ago
• memoryforensics1 / VolExp
  volatility explorer
  ☆91Updated 4 years ago
• msuhanov / dfir_ntfs
  An NTFS/FAT parser for digital forensics & incident response
  ☆203Updated 5 months ago
• SafeEval / practical-malware-analysis
  Exercise writeups from the book Practical Malware Analysis.
  ☆206Updated last year
• JPCERTCC / Windows-Symbol-Tables
  Windows symbol tables for Volatility 3
  ☆83Updated 9 months ago
• EricZimmerman / AmcacheParser
  Parses amcache.hve files, but with a twist!
  ☆132Updated 3 months ago
• BSI-Bund / RdpCacheStitcher
  RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
  ☆256Updated last year
• Neo23x0 / DLLRunner
  Smart DLL execution for malware analysis in sandbox systems
  ☆143Updated 10 years ago
• travisfoley / dfirtriage
  Digital forensic acquisition tool for Windows based incident response.
  ☆338Updated 11 months ago
• kevthehermit / volatility_plugins
  Volatility Plugins
  ☆61Updated last year
• jschicht / UsnJrnl2Csv
  Parser for $UsnJrnl on NTFS
  ☆110Updated 2 years ago