An advanced memory forensics framework
☆7,972May 16, 2025Updated 9 months ago
Alternatives and similar repositories for volatility
Users that are interested in volatility are comparing it to the libraries listed below
Sorting:
- Volatility 3.0 development☆3,931Feb 20, 2026Updated last week
- Rekall Memory Forensic Framework☆1,997Oct 18, 2020Updated 5 years ago
- Impacket is a collection of Python classes for working with network protocols.☆15,493Updated this week
- LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices…☆1,936Nov 9, 2025Updated 3 months ago
- The pattern matching swiss knife☆9,439Feb 10, 2026Updated 2 weeks ago
- A little tool to play with Windows security☆21,281May 11, 2025Updated 9 months ago
- CTF framework and exploit development library☆13,278Updated this week
- PowerSploit - A PowerShell Post-Exploitation Framework☆12,889Aug 17, 2020Updated 5 years ago
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…☆8,378Dec 23, 2025Updated 2 months ago
- Six Degrees of Domain Admin☆10,550Aug 1, 2025Updated 6 months ago
- Empire is a PowerShell and Python post-exploitation agent.☆7,813Jan 19, 2020Updated 6 years ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,897Updated this week
- A swiss army knife for pentesting networks☆9,082Dec 6, 2023Updated 2 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆5,922May 3, 2022Updated 3 years ago
- Defund the Police.☆13,472Jun 7, 2024Updated last year
- Repository of yara rules☆4,722Apr 17, 2024Updated last year
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11,617Updated this week
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆9,759Apr 25, 2024Updated last year
- Volatility plugins developed and maintained by the community☆376Apr 5, 2021Updated 4 years ago
- Main Sigma Rule Repository☆10,145Feb 19, 2026Updated last week
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆8,336Dec 6, 2025Updated 2 months ago
- PEDA - Python Exploit Development Assistance for GDB☆6,105Jul 29, 2024Updated last year
- UNIX-like reverse engineering framework and command-line toolset☆23,170Updated this week
- Defeating Windows User Account Control☆7,377Feb 17, 2026Updated last week
- Firmware Analysis Tool☆13,596Feb 5, 2026Updated 3 weeks ago
- The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file s…☆2,993Feb 18, 2026Updated last week
- oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware a…☆3,295Feb 14, 2026Updated 2 weeks ago
- Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…☆7,527Oct 16, 2025Updated 4 months ago
- A curated list of tools for incident response☆8,832Jul 18, 2024Updated last year
- Loki - Simple IOC and YARA Scanner☆3,726Jan 12, 2026Updated last month
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆4,833Jun 15, 2020Updated 5 years ago
- This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…☆4,173May 11, 2023Updated 2 years ago
- GRR Rapid Response: remote live forensics for incident response☆5,040Feb 16, 2026Updated last week
- A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open…☆12,735Nov 19, 2025Updated 3 months ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆6,353Jan 26, 2026Updated last month
- The FLARE team's open-source tool to identify capabilities in executable files.☆5,844Updated this week
- Exploit Development and Reverse Engineering with GDB & LLDB Made Easy☆10,128Updated this week
- Metasploit Framework☆37,590Updated this week
- Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by …☆3,015Oct 25, 2025Updated 4 months ago