Linux #rootkit and #malware revealer
☆31 · Aug 1, 2024 · Updated last year
Alternatives and similar repositories for sunlight
Users that are interested in sunlight are comparing it to the libraries listed below
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool. ☆29 · Sep 29, 2025 · Updated 5 months ago
- Linux BPF plugins for Volatility3 ☆23 · Jan 19, 2024 · Updated 2 years ago
- A library for fast parse & import of Windows Master File Table ($MFT) into Elasticsearch. ☆12 · Jun 23, 2025 · Updated 8 months ago
- Rootkit breaker - experimental Linux anti-rootkit tool based on kprobes ☆12 · Sep 30, 2020 · Updated 5 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace ☆19 · Aug 3, 2023 · Updated 2 years ago
- Simple CLI utility to save off an image from every webcam hooked into a mac ☆14 · May 20, 2021 · Updated 4 years ago
- sudo-parser is a tool to audit complex sudoers files ☆18 · Nov 2, 2022 · Updated 3 years ago
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption ☆19 · Aug 5, 2022 · Updated 3 years ago
- ☆23 · Jan 15, 2019 · Updated 7 years ago
- Slides and resources from MCTTP 2025 Talk ☆66 · Oct 26, 2025 · Updated 4 months ago
- ☆28 · Sep 4, 2024 · Updated last year
- Production-ready detection & response queries for osquery ☆600 · Aug 13, 2025 · Updated 6 months ago
- yet another hidden LKM hunter ☆32 · Sep 18, 2025 · Updated 5 months ago
- ESF modular ingestion tool for development and research. ☆38 · Dec 21, 2021 · Updated 4 years ago
- Framework for generating audit commands for Unix security audits ☆66 · Aug 1, 2023 · Updated 2 years ago
- References for FIRST CTI 2019 Symposium presentation ☆23 · Mar 19, 2019 · Updated 6 years ago
- FFXI Gearswap Lua for the impaired ☆10 · Feb 2, 2026 · Updated last month
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par… ☆253 · Nov 18, 2024 · Updated last year
- ☆140 · Aug 7, 2025 · Updated 6 months ago
- A Spicy protocol analyzer for WireGuard ☆29 · Aug 11, 2020 · Updated 5 years ago
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It … ☆1,242 · Feb 18, 2026 · Updated last week
- Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure ☆30 · Feb 9, 2024 · Updated 2 years ago
- Linux install and network setup for SNAPS ☆14 · Sep 7, 2019 · Updated 6 years ago
- Read PostgreSQL data files without credentials - forensics, data recovery, and security research tool ☆34 · Jan 18, 2026 · Updated last month
- Parses the WMI object database....looking for persistence ☆34 · Dec 12, 2019 · Updated 6 years ago
- Artifact collection tool for *nix systems ☆212 · Mar 20, 2024 · Updated last year
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office ☆37 · Mar 15, 2023 · Updated 2 years ago
- ManageEngine OpManager Decryption Tools ☆32 · Sep 6, 2022 · Updated 3 years ago
- Create database files for the genealogytree LaTeX package from GEDCOM files ☆11 · Mar 11, 2025 · Updated 11 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… ☆103 · Jan 13, 2026 · Updated last month
- macOS persistence mechanism scanner with code signature verification and timeline tracking. ☆202 · Dec 20, 2025 · Updated 2 months ago
- A monitoring script for AFL ☆41 · Feb 8, 2017 · Updated 9 years ago
- Forensic Artifact Collection Tool Matrix ☆95 · Nov 9, 2024 · Updated last year
- Fast lookup server for NSRL and other hash database used in digital forensic ☆48 · Jan 26, 2026 · Updated last month
- JXA implementation of some SwiftBelt functions. Author: Cedric Owens ☆46 · Jun 22, 2023 · Updated 2 years ago
- A collection of tools for managing and automating vulnerability management. ☆13 · Mar 24, 2022 · Updated 3 years ago
- Controlling your MSR with Visual Basic 6 ☆19 · Jul 1, 2015 · Updated 10 years ago
- Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters ☆11 · May 10, 2025 · Updated 9 months ago
- 👶🏻😿 A zero-dependency network sniffer, written from scratch, that supports emulated and native cBPF. Runs on Linux, BSD, macOS and Win… ☆13 · Nov 8, 2025 · Updated 3 months ago