volatilityfoundation / dwarf2jsonLinks
convert ELF/DWARF symbol and type information into vol3's intermediate JSON
☆135Updated last year
Alternatives and similar repositories for dwarf2json
Users that are interested in dwarf2json are comparing it to the libraries listed below
Sorting:
- Windows symbol tables for Volatility 3☆90Updated last year
- Linpmem is a linux memory acquisition tool☆93Updated 3 months ago
- Volatility Symbol Generator for Linux Kernels☆36Updated last year
- Generate Volatility3 profiles from BTF.☆29Updated 9 months ago
- Volatility3 plugins developed and maintained by the community☆59Updated 2 years ago
- Volatility, on Docker 🐳☆39Updated 2 weeks ago
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆70Updated 2 months ago
- A guide on how to write fast and memory friendly YARA rules☆153Updated 8 months ago
- Memory acquisition for Linux that makes sense.☆208Updated last year
- ☆109Updated last month
- Collection of Volatility2 profiles, generated against Linux kernels.☆53Updated last month
- Use YARA rules on Time Travel Debugging traces☆93Updated 2 years ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.☆140Updated last month
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…☆75Updated this week
- FLARE Team's Binary Navigator☆288Updated this week
- ☆109Updated 2 years ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆259Updated 2 years ago
- ☆20Updated 3 years ago
- Volatility3 Linux profiles☆59Updated last month
- Malduck is your ducky companion in malware analysis journeys☆345Updated 3 months ago
- Red Canary's eBPF Sensor☆110Updated 4 months ago
- Ghidra scripts for recovering string definitions in Go binaries☆119Updated 11 months ago
- Elastic Security Labs releases☆81Updated last week
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆94Updated last month
- The Linux port of the Sysinternals Sysmon tool.☆276Updated 3 weeks ago
- capemon: CAPE's monitor☆129Updated last week
- Community modules for CAPE Sandbox☆103Updated this week
- Scripts to run within Ghidra, maintained by the Trellix ARC team☆118Updated 3 months ago
- YARI is an interactive debugger for YARA Language.☆89Updated last month
- Powershell script deobfuscation using AST in Python☆72Updated last month