volatilityfoundation / dwarf2json
convert ELF/DWARF symbol and type information into vol3's intermediate JSON
☆116Updated 5 months ago
Alternatives and similar repositories for dwarf2json:
Users that are interested in dwarf2json are comparing it to the libraries listed below
- Linpmem is a linux memory acquisition tool☆78Updated 10 months ago
- Windows symbol tables for Volatility 3☆81Updated 8 months ago
- Generate Volatility3 profiles from BTF.☆13Updated 3 months ago
- Volatility3 plugins developed and maintained by the community☆51Updated 2 years ago
- An NTFS/FAT parser for digital forensics & incident response☆200Updated 4 months ago
- Volatility, on Docker 🐳☆33Updated 8 months ago
- A guide on how to write fast and memory friendly YARA rules☆141Updated last month
- Volatility Symbol Generator for Linux Kernels☆34Updated last year
- Symbol hash for ELF files☆108Updated 3 years ago
- Alternative YARA scanning engine☆70Updated 2 years ago
- YARI is an interactive debugger for YARA Language.☆88Updated 2 months ago
- Use YARA rules on Time Travel Debugging traces☆88Updated last year
- The Linux port of the Sysinternals Sysmon tool.☆256Updated last week
- Golang Parser for Microsoft Event Logs☆101Updated 2 months ago
- Red Canary's eBPF Sensor☆103Updated 8 months ago
- Signature engine for all your logs☆166Updated last year
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.☆118Updated 3 months ago
- Automatically generate AV byte signatures from sets of similar binaries.☆267Updated 3 months ago
- ☆101Updated 2 years ago
- Malduck is your ducky companion in malware analysis journeys☆326Updated 9 months ago
- ☆105Updated last year
- Community modules for CAPE Sandbox☆92Updated last week
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆101Updated this week
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍☆105Updated this week
- volatility explorer☆91Updated 4 years ago
- Memory acquisition for Linux that makes sense.☆181Updated last year
- JPCERT/CC public YARA rules repository☆106Updated 3 months ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆245Updated 2 years ago
- YARA rule analyzer to improve rule quality and performance☆97Updated 3 months ago
- capemon: CAPE's monitor☆110Updated this week