Alternatives and similar repositories for volatility-bitlocker:

Users that are interested in volatility-bitlocker are comparing it to the libraries listed below

• breppo / Volatility-BitLocker
  Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the…
  ☆45Updated 5 years ago
• MagnetForensics / Hibr2Bin
  Comae Hibernation File Decompressor
  ☆148Updated 2 years ago
• memoryforensics1 / VolExp
  volatility explorer
  ☆91Updated 4 years ago
• mandiant / win10_volatility
  An advanced memory forensics framework
  ☆95Updated 5 years ago
• 0xHasanM / Autopsy-Registry-Explorer
  Autopsy Module to analyze Registry Hives
  ☆15Updated 3 years ago
• lemmou / RansomNoteFiles
  ☆23Updated last year
• Heat-Miser / tinynuke-toolset
  Set of tools to analyze Tinynuke samples
  ☆15Updated 3 years ago
• RUB-NDS / MS-RMS-Attacks
  Breaking the security of Microsoft's RMS
  ☆54Updated 5 years ago
• Paul-Tew / lifer
  Windows link file (shortcuts) examiner
  ☆68Updated 10 months ago
• JPCERTCC / Windows-Symbol-Tables
  Windows symbol tables for Volatility 3
  ☆83Updated 9 months ago
• cube0x8 / ChromeRagamuffin
  Google Chrome internals analysis using Volatility
  ☆42Updated 2 years ago
• avast / yari
  YARI is an interactive debugger for YARA Language.
  ☆88Updated 3 months ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 4 years ago
• makomk / aeskeyfind
  Fork of aeskeyfind that knows more formats of AES key schedule
  ☆64Updated 7 years ago
• aleksost / MemoryDecompression
  Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.
  ☆50Updated 6 years ago
• you0708 / lznt1
  Python implementation of LZNT1 compression/decompression
  ☆64Updated 5 years ago
• msuhanov / winmem_decompress
  Extract compressed memory pages from page-aligned data
  ☆45Updated 6 years ago
• stvemillertime / ConventionEngine
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆38Updated 2 years ago
• ThisIsLibra / MalPull
  A multi-threaded malware sample downloader based upon given MD-5/SHA-1/SHA-256 hashes, using multiple malware databases.
  ☆30Updated 2 years ago
• volatilityfoundation / community3
  Volatility3 plugins developed and maintained by the community
  ☆51Updated 2 years ago
• NTFSparse / ntfs_parse
  NTFS parser, plus linking capabilites between MFT LogFile and UsnJrnl
  ☆37Updated 8 years ago
• EricZimmerman / WxTCmd
  ☆19Updated 2 months ago
• jschicht / UsnJrnl2Csv
  Parser for $UsnJrnl on NTFS
  ☆110Updated 2 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• msuhanov / dfir_ntfs
  An NTFS/FAT parser for digital forensics & incident response
  ☆203Updated 5 months ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆73Updated 3 months ago
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆75Updated 10 years ago
• iNod3 / sandbagility
  ☆23Updated 5 years ago