tribalchicken / volatility-bitlocker
Volatility plugin to extract BitLocker Full Volume Encryption Keys (FVEK)
☆62Updated 3 years ago
Related projects: ⓘ
- Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…☆33Updated 4 years ago
- Comae Hibernation File Decompressor☆141Updated last year
- volatility explorer☆90Updated 3 years ago
- An advanced memory forensics framework☆92Updated 4 years ago
- Windows link file (shortcuts) examiner☆65Updated 3 months ago
- ☆53Updated 3 years ago
- Set of tools to analyze Tinynuke samples☆15Updated 2 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Updated 5 years ago
- Documentation and parsers for different anti-virus quarantine formats.☆41Updated 3 years ago
- Extract compressed memory pages from page-aligned data☆41Updated 5 years ago
- Google Chrome internals analysis using Volatility☆39Updated last year
- Automatically exported from code.google.com/p/mac-osx-forensics☆26Updated 8 years ago
- Script that checks for available updates for the most commonly used Digital Forensics tools☆57Updated 3 years ago
- Manipulate timestamps on NTFS☆48Updated 9 years ago
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff☆53Updated 4 months ago
- ☆64Updated this week
- Library and tools to access the Windows Prefetch File (SCCA) format.☆70Updated last month
- Telsy CTI Research Team☆57Updated 3 years ago
- ☆13Updated 2 years ago
- CLI tool to analyze PE files☆83Updated last year
- ☆66Updated last year
- Radare2 Metadata Extraction to Elasticsearch☆21Updated 4 months ago
- TA505 unpacker Python 2.7☆45Updated 4 years ago
- Python emulator for Excel XLM macros.☆18Updated 4 years ago
- Yet another registry parser☆128Updated 2 years ago
- Volatility3 plugins developed and maintained by the community☆41Updated last year
- ☆18Updated 11 years ago
- Generate YARA rules for OOXML documents.☆37Updated last year
- Carves and recreates VSS catalog and store from Windows disk image.☆96Updated last year
- Volatility Framework plugin for extracting BitLocker FVEK (Full Volume Encryption Key)☆215Updated 8 years ago