superponible / volatility-pluginsLinks
Plugins I've written for Volatility
☆210Updated last year
Alternatives and similar repositories for volatility-plugins
Users that are interested in volatility-plugins are comparing it to the libraries listed below
Sorting:
- Volatility plugins developed and maintained by the community☆368Updated 4 years ago
- Beta versions of my software☆264Updated 4 months ago
- Volatility profiles for Linux and Mac OS X☆325Updated 2 years ago
- RDP Bitmap Cache parser☆575Updated 9 months ago
- An advanced memory forensics framework☆96Updated 6 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆426Updated 4 years ago
- Volatility Plugins☆64Updated 2 years ago
- Parses amcache.hve files, but with a twist!☆142Updated 9 months ago
- Artifact analysis tools by JPCERT/CC Analysis Center☆463Updated 2 months ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆141Updated 3 years ago
- Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.☆206Updated 11 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆220Updated 5 years ago
- Repository of yara rules☆48Updated 10 years ago
- Quickly debug shellcode extracted during malware analysis☆612Updated 2 years ago
- ☆306Updated 5 years ago
- Generating YARA rules based on binary code☆216Updated 4 years ago
- Cuckoo running in a nested hypervisor☆128Updated 5 years ago
- c2 traffic☆191Updated 2 years ago
- YARA Rules I come across on the internet☆352Updated last year
- Replay RDP traffic from PCAP☆199Updated 6 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆584Updated last year
- snake - a malware storage zoo☆217Updated 2 years ago
- Setup scripts for my Malware Analysis VMs☆256Updated 3 years ago
- A tool for de-obfuscating PowerShell scripts☆71Updated 6 years ago
- A tool for detecting VBA stomping.☆100Updated 3 years ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆447Updated 3 years ago
- Parse evtx files and detect use of the DanderSpritz eventlogedit module☆148Updated 7 years ago
- Volatility plugin to extract BitLocker Full Volume Encryption Keys (FVEK)☆70Updated 4 years ago
- Keep track of the labs from the book "Practical Malware Analysis"☆171Updated 6 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆199Updated 7 months ago