Alternatives and similar repositories for volatility-plugins

Users that are interested in volatility-plugins are comparing it to the libraries listed below

• volatilityfoundation / community
  Volatility plugins developed and maintained by the community
  ☆372Updated 4 years ago
• DidierStevens / Beta
  Beta versions of my software
  ☆268Updated 5 months ago
• volatilityfoundation / profiles
  Volatility profiles for Linux and Mac OS X
  ☆326Updated 3 years ago
• ANSSI-FR / bmc-tools
  RDP Bitmap Cache parser
  ☆583Updated 10 months ago
• mandiant / win10_volatility
  An advanced memory forensics framework
  ☆96Updated 6 years ago
• kevthehermit / volatility_plugins
  Volatility Plugins
  ☆64Updated 2 years ago
• EricZimmerman / AmcacheParser
  Parses amcache.hve files, but with a twist!
  ☆144Updated 10 months ago
• f0wl / MalwareLab_VM-Setup
  Setup scripts for my Malware Analysis VMs
  ☆257Updated 3 years ago
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆142Updated 3 years ago
• DarkenCode / yara-rules
  Repository of yara rules
  ☆49Updated 10 years ago
• denisugarte / PowerDrive
  A tool for de-obfuscating PowerShell scripts
  ☆71Updated 6 years ago
• hiddenillusion / AnalyzePE
  Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.
  ☆208Updated 11 years ago
• davidpany / WMI_Forensics
  ☆306Updated 5 years ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆216Updated 4 years ago
• R3MRUM / PSDecode
  PowerShell script for deobfuscating encoded PowerShell scripts
  ☆428Updated 4 years ago
• JPCERTCC / aa-tools
  Artifact analysis tools by JPCERT/CC Analysis Center
  ☆464Updated 3 months ago
• JPCERTCC / MalConfScan
  Volatility plugin for extracts configuration data of known malware
  ☆496Updated last year
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆220Updated 5 years ago
• OALabs / BlobRunner
  Quickly debug shellcode extracted during malware analysis
  ☆618Updated 2 years ago
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 5 years ago
• silence-is-best / c2db
  c2 traffic
  ☆192Updated 2 years ago
• BSI-Bund / RdpCacheStitcher
  RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
  ☆296Updated 2 years ago
• mikesxrs / Open-Source-YARA-rules
  YARA Rules I come across on the internet
  ☆355Updated last year
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆202Updated 8 months ago
• msuhanov / dfir_ntfs
  An NTFS/FAT parser for digital forensics & incident response
  ☆217Updated last month
• WithSecureLabs / snake
  snake - a malware storage zoo
  ☆217Updated 2 years ago
• 0xc1r3ng / Malware-Sandboxes-Malware-Source
  Malware Sandboxes & Malware Source
  ☆102Updated 8 years ago
• tribalchicken / volatility-bitlocker
  Volatility plugin to extract BitLocker Full Volume Encryption Keys (FVEK)
  ☆70Updated 4 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆136Updated 3 years ago
• 0x0be / PEpper
  An open source script to perform malware static analysis on Portable Executable
  ☆318Updated 2 years ago