superponible / volatility-pluginsLinks
Plugins I've written for Volatility
☆207Updated last year
Alternatives and similar repositories for volatility-plugins
Users that are interested in volatility-plugins are comparing it to the libraries listed below
Sorting:
- Volatility plugins developed and maintained by the community☆365Updated 4 years ago
- Beta versions of my software☆260Updated 2 months ago
- Volatility profiles for Linux and Mac OS X☆326Updated 2 years ago
- RDP Bitmap Cache parser☆564Updated 7 months ago
- Volatility Plugins☆64Updated 2 years ago
- An advanced memory forensics framework☆96Updated 5 years ago
- Setup scripts for my Malware Analysis VMs☆256Updated 3 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆425Updated 4 years ago
- Cuckoo running in a nested hypervisor☆128Updated 5 years ago
- ☆208Updated 2 months ago
- Artifact analysis tools by JPCERT/CC Analysis Center☆462Updated last week
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆139Updated 2 years ago
- ☆303Updated 5 years ago
- Repository of yara rules☆47Updated 9 years ago
- Parses amcache.hve files, but with a twist!☆140Updated 7 months ago
- Parser for $LogFile on NTFS☆202Updated 2 months ago
- Keep track of the labs from the book "Practical Malware Analysis"☆171Updated 6 years ago
- Quickly debug shellcode extracted during malware analysis☆610Updated 2 years ago
- Generating YARA rules based on binary code☆215Updated 3 years ago
- Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.☆206Updated 11 years ago
- snake - a malware storage zoo☆216Updated 2 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆220Updated 5 years ago
- Windows symbol tables for Volatility 3☆89Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆254Updated 2 years ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆287Updated last year
- Windows Shortcut file (LNK) parser☆136Updated 2 years ago
- Code and yara rules to detect and analyze Cobalt Strike☆269Updated 4 years ago
- Malware Sandboxes & Malware Source☆97Updated 8 years ago
- An NTFS/FAT parser for digital forensics & incident response☆208Updated 9 months ago
- Volatility3 plugins developed and maintained by the community☆59Updated 2 years ago