Alternatives and similar repositories for volatility-bitlocker

Users that are interested in volatility-bitlocker are comparing it to the libraries listed below

• MagnetForensics / Hibr2Bin
  Comae Hibernation File Decompressor
  ☆150Updated 2 years ago
• memoryforensics1 / VolExp
  volatility explorer
  ☆91Updated 4 years ago
• mandiant / win10_volatility
  An advanced memory forensics framework
  ☆94Updated 5 years ago
• breppo / Volatility-BitLocker
  Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…
  ☆50Updated 5 years ago
• volatilityfoundation / community3
  Volatility3 plugins developed and maintained by the community
  ☆58Updated 2 years ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆45Updated 6 years ago
• makomk / aeskeyfind
  Fork of aeskeyfind that knows more formats of AES key schedule
  ☆65Updated 8 years ago
• cube0x8 / ChromeRagamuffin
  Google Chrome internals analysis using Volatility
  ☆42Updated 2 years ago
• Paul-Tew / lifer
  Windows link file (shortcuts) examiner
  ☆68Updated last year
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆75Updated 10 years ago
• jschicht / StegoMft
  PoC for hiding data within $MFT
  ☆12Updated 10 years ago
• woanware / wmi-parser
  Parses the WMI object database....looking for persistence
  ☆32Updated 5 years ago
• monnappa22 / Psinfo
  Psinfo is a Volatility plugin which collects the process related information from the VAD (Virtual Address Descriptor) and PEB (Process E…
  ☆36Updated 8 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆75Updated 5 months ago
• NTFSparse / ntfs_parse
  NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl
  ☆37Updated 8 years ago
• reb311ion / CapaExplorer
  Capa analysis importer for Ghidra.
  ☆61Updated 4 years ago
• tccontre / KnowledgeBase
  Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff
  ☆54Updated 4 months ago
• seth1002 / tracecorn_tina
  a modified version base on Tracecorn
  ☆20Updated 5 years ago
• kevthehermit / volatility_plugins
  Volatility Plugins
  ☆63Updated last year
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• ufrisk / MemProcFS-plugins
  ☆56Updated 8 months ago
• schrodyn / steezy
  Steezy - Ghetto Yara Generation
  ☆15Updated 2 years ago
• cryptogramfan / Malware-Analysis-Scripts
  Handy scripts to speed up malware analysis
  ☆35Updated last year
• EricZimmerman / Prefetch
  Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.
  ☆113Updated 5 months ago
• jankais3r / Forensic-Version-Checker
  Script that checks for available updates for the most commonly used Digital Forensics tools
  ☆59Updated 4 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆135Updated 2 years ago
• cyb3rfox / MFTEntryCarver
  Carve files for MFT entries (eg. blkls output or memory dumps). Recovers filenames (long & short), timestamps ($STD & $FN) and data if re…
  ☆21Updated 6 years ago
• EricZimmerman / WxTCmd
  ☆19Updated last month
• archcloudlabs / r2elk
  Radare2 Metadata Extraction to Elasticsearch
  ☆23Updated last year
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆137Updated 2 years ago