superponible / volatility-plugins

Related projects: ⓘ

• ANSSI-FR / bmc-tools
  RDP Bitmap Cache parser
  ☆463Updated 9 months ago
• volatilityfoundation / community
  Volatility plugins developed and maintained by the community
  ☆339Updated 3 years ago
• volatilityfoundation / profiles
  Volatility profiles for Linux and Mac OS X
  ☆317Updated last year
• DidierStevens / Beta
  Beta versions of my software
  ☆245Updated 11 months ago
• mandiant / win10_volatility
  An advanced memory forensics framework
  ☆92Updated 4 years ago
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆128Updated last year
• f0wl / MalwareLab_VM-Setup
  Setup scripts for my Malware Analysis VMs
  ☆243Updated 2 years ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆198Updated 2 years ago
• hiddenillusion / AnalyzePE
  Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.
  ☆202Updated 10 years ago
• OALabs / BlobRunner
  Quickly debug shellcode extracted during malware analysis
  ☆547Updated last year
• davidpany / WMI_Forensics
  ☆293Updated 4 years ago
• Grazfather / PracticalMalwareLabs
  Keep track of the labs from the book "Practical Malware Analysis"
  ☆166Updated 5 years ago
• WithSecureLabs / snake
  snake - a malware storage zoo
  ☆217Updated last year
• dzzie / SCDBG
  ☆203Updated this week
• tomchop / volatility-autoruns
  Autoruns plugin for the Volatility framework
  ☆118Updated 5 years ago
• R3MRUM / PSDecode
  PowerShell script for deobfuscating encoded PowerShell scripts
  ☆416Updated 3 years ago
• mkorman90 / VolatilityBot
  VolatilityBot – An automated memory analyzer for malware samples and memory dumps
  ☆263Updated 3 years ago
• mandiant / Vulnerability-Disclosures
  ☆183Updated 3 weeks ago
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆180Updated 4 years ago
• houjingyi233 / office-exploit-case-study
  ☆371Updated 8 months ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆218Updated 4 years ago
• joesecurity / pafishmacro
  Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …
  ☆278Updated 7 years ago
• abhisek / reverse-engineering-and-malware-analysis
  Course content and slides from my ancient training on Reverse Engineering & Malware Analysis
  ☆139Updated 4 years ago
• travisfoley / dfirtriage
  Digital forensic acquisition tool for Windows based incident response.
  ☆328Updated 4 months ago
• felixweyne / imaginaryC2
  Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …
  ☆444Updated last year
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 4 years ago
• Xen0ph0n / YaraGenerator
  Automatic Yara Rule Generation
  ☆328Updated 8 years ago
• msuhanov / dfir_ntfs
  An NTFS/FAT parser for digital forensics & incident response
  ☆189Updated last year
• silence-is-best / c2db
  c2 traffic
  ☆187Updated last year
• atxsinn3r / VulnCases
  Vulnerability examples.
  ☆398Updated 4 months ago