Alternatives and similar repositories for volatility-bitlocker:

Users that are interested in volatility-bitlocker are comparing it to the libraries listed below

• breppo / Volatility-BitLocker
  Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…
  ☆35Updated 4 years ago
• MagnetForensics / Hibr2Bin
  Comae Hibernation File Decompressor
  ☆142Updated last year
• Paul-Tew / lifer
  Windows link file (shortcuts) examiner
  ☆67Updated 7 months ago
• memoryforensics1 / VolExp
  volatility explorer
  ☆91Updated 4 years ago
• dfirfpi / dpapilab
  Windows DPAPI laboratory
  ☆87Updated 6 years ago
• mandiant / win10_volatility
  An advanced memory forensics framework
  ☆93Updated 5 years ago
• ufrisk / MemProcFS-plugins
  ☆56Updated 3 months ago
• Synacktiv-contrib / stuffz
  Repository containing many useful scripts
  ☆74Updated 2 years ago
• GDATAAdvancedAnalytics / winreg-tasks
  ☆16Updated 2 years ago
• cube0x8 / ChromeRagamuffin
  Google Chrome internals analysis using Volatility
  ☆41Updated 2 years ago
• monnappa22 / Psinfo
  Psinfo is a Volatility plugin which collects the process related information from the VAD (Virtual Address Descriptor) and PEB (Process E…
  ☆36Updated 8 years ago
• NTFSparse / ntfs_parse
  NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl
  ☆37Updated 8 years ago
• jordanbtucker / dpapick
  DPAPI offline decryption utility
  ☆67Updated 2 years ago
• kevthehermit / volatility_symbols
  Volatility Symbol Generator for Linux Kernels
  ☆32Updated last year
• williballenthin / LfLe
  Recover event log entries from an image by heurisitically looking for record structures.
  ☆27Updated 9 years ago
• tccontre / KnowledgeBase
  Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff
  ☆54Updated 8 months ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆42Updated 6 years ago
• elceef / bitlocker
  Volatility Framework plugin for extracting BitLocker FVEK (Full Volume Encryption Key)
  ☆225Updated 8 years ago
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆74Updated 10 years ago
• Big5-sec / SourceFu
  hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…
  ☆40Updated 5 years ago
• woanware / wmi-parser
  Parses the WMI object database....looking for persistence
  ☆31Updated 5 years ago
• Dump-GUY / ghidra_scripts
  ☆66Updated last year
• jschicht / SetMace
  Manipulate timestamps on NTFS
  ☆50Updated 10 years ago
• Banaanhangwagen / WINHELLO2hashcat
  ☆71Updated 2 years ago
• woanware / JumpLister
  ☆18Updated 11 years ago
• blacknbunny / peanalyzer
  Advanced Portable Executable File Analyzer And Disassembler 32 & 64 Bit
  ☆99Updated 5 years ago
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆22Updated 3 months ago
• cyb3rfox / MFTEntryCarver
  Carve files for MFT entries (eg. blkls output or memory dumps). Recovers filenames (long & short), timestamps ($STD & $FN) and data if re…
  ☆21Updated 5 years ago
• jschicht / StegoMft
  PoC for hiding data within $MFT
  ☆12Updated 10 years ago
• ernw / quarantine-formats
  Documentation and parsers for different anti-virus quarantine formats.
  ☆42Updated 4 years ago