Alternatives and similar repositories for volatility-bitlocker

Users that are interested in volatility-bitlocker are comparing it to the libraries listed below

• MagnetForensics / Hibr2Bin
  Comae Hibernation File Decompressor
  ☆154Updated 2 years ago
• memoryforensics1 / VolExp
  volatility explorer
  ☆91Updated 4 years ago
• mandiant / win10_volatility
  An advanced memory forensics framework
  ☆96Updated 5 years ago
• Paul-Tew / lifer
  Windows link file (shortcuts) examiner
  ☆68Updated last year
• kevthehermit / volatility_plugins
  Volatility Plugins
  ☆64Updated 2 years ago
• you0708 / lznt1
  Python implementation of LZNT1 compression/decompression
  ☆65Updated 5 years ago
• silascutler / LnkParse
  Windows Shortcut file (LNK) parser
  ☆136Updated 2 years ago
• tomchop / unxor
  unXOR will search a XORed file and try to guess the key using known-plaintext attacks.
  ☆143Updated 5 years ago
• Te-k / pecli
  CLI tool to analyze PE files
  ☆88Updated 11 months ago
• kryptoslogic / rdppot
  RDP honeypot
  ☆67Updated 6 years ago
• volatilityfoundation / community3
  Volatility3 plugins developed and maintained by the community
  ☆59Updated 2 years ago
• cube0x8 / ChromeRagamuffin
  Google Chrome internals analysis using Volatility
  ☆42Updated 2 years ago
• lemmou / RansomNoteFiles
  ☆24Updated last year
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• dfirfpi / dpapilab
  Windows DPAPI laboratory
  ☆93Updated 7 years ago
• aleksost / MemoryDecompression
  Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.
  ☆51Updated 6 years ago
• monnappa22 / Psinfo
  Psinfo is a Volatility plugin which collects the process related information from the VAD (Virtual Address Descriptor) and PEB (Process E…
  ☆36Updated 8 years ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆46Updated 6 years ago
• woanware / JumpLister
  ☆18Updated 12 years ago
• SecurityRiskAdvisors / PDBlaster
  ☆47Updated 5 years ago
• jschicht / UsnJrnl2Csv
  Parser for $UsnJrnl on NTFS
  ☆114Updated 2 years ago
• RUB-NDS / MS-RMS-Attacks
  Breaking the security of Microsoft's RMS
  ☆55Updated 6 years ago
• williballenthin / LfLe
  Recover event log entries from an image by heurisitically looking for record structures.
  ☆27Updated 9 years ago
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 4 years ago
• intezer / analyze-community-ghidra-plugin
  Ghidra plugin for https://analyze.intezer.com
  ☆71Updated 2 years ago
• breppo / Volatility-BitLocker
  Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…
  ☆52Updated 5 years ago
• nmantani / FileInsight-plugins
  FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis
  ☆162Updated 8 months ago
• williballenthin / python-evt
  Pure Python parser for classic Windows Event Log files (.evt)
  ☆51Updated 2 years ago
• Heat-Miser / tinynuke-toolset
  Set of tools to analyze Tinynuke samples
  ☆15Updated 3 years ago
• archcloudlabs / r2elk
  Radare2 Metadata Extraction to Elasticsearch
  ☆23Updated last year