volatilityfoundation / dwarf2json
convert ELF/DWARF symbol and type information into vol3's intermediate JSON
☆106 Updated last month
Related projects
Alternatives and complementary repositories for dwarf2json
- Linpmem is a Linux memory acquisition tool ☆75 Updated 6 months ago
- Windows symbol tables for Volatility 3 ☆75 Updated 4 months ago
- Volatility Symbol Generator for Linux Kernels ☆31 Updated last year
- Use YARA rules on Time Travel Debugging traces ☆86 Updated last year
- The Linux port of the Sysinternals Sysmon tool. ☆241 Updated last week
- Automatically generate AV byte signatures from sets of similar binaries. ☆259 Updated 9 months ago
- ☆96 Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA. ☆240 Updated last year
- Golang Parser for Microsoft Event Logs ☆98 Updated 3 months ago
- Linux Kernel Runtime Integrity with eBPF ☆164 Updated last year
- A tool for firmware cartography ☆138 Updated 8 months ago
- A guide on how to write fast and memory friendly YARA rules ☆126 Updated last year
- volatility explorer ☆90 Updated 4 years ago
- Symbol hash for ELF files ☆102 Updated 2 years ago
- Alternative YARA scanning engine ☆67 Updated 2 years ago
- A golang CLI tool to download malware from a variety of sources. ☆141 Updated 9 months ago
- Red Canary's eBPF Sensor ☆101 Updated 4 months ago
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg… ☆86 Updated 5 months ago
- Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the… ☆35 Updated 4 years ago
- YARI is an interactive debugger for YARA Language. ☆88 Updated last week
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors. ☆107 Updated 7 months ago
- Imphash-like calculation on Golang binaries ☆47 Updated 2 years ago
- Volatility, on Docker 🐳 ☆29 Updated 4 months ago
- Malduck is your ducky companion in malware analysis journeys ☆319 Updated 5 months ago
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍 ☆78 Updated last week
- pyGoRE - Python library for analyzing Go binaries ☆64 Updated 2 years ago
- ☆100 Updated last year
- Ghidra scripts for malware analysis ☆90 Updated 10 months ago
- Volatility3 plugins developed and maintained by the community ☆45 Updated last year
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA ☆98 Updated 2 months ago