GitHub topics: volatility-plugins
volatilityfoundation/community
Volatility plugins developed and maintained by the community
Language: Python - Size: 34.5 MB - Last synced at: 3 days ago - Pushed at: about 4 years ago - Stars: 361 - Forks: 141

K2/Scripting
PS / Bash / Python / Other scripts For FUN!
Language: PowerShell - Size: 1.38 MB - Last synced at: 24 days ago - Pushed at: 2 months ago - Stars: 55 - Forks: 6

carlospolop/autoVolatility
Run several volatility plugins at the same time
Language: Python - Size: 8.79 KB - Last synced at: 25 days ago - Pushed at: over 2 years ago - Stars: 114 - Forks: 26

eset/volatility-browserhooks
Volatility Framework plugin to detect various types of hooks as performed by banking Trojans
Language: Python - Size: 29.3 KB - Last synced at: 16 days ago - Pushed at: over 6 years ago - Stars: 41 - Forks: 14

memoryforensics1/Vol3xp
Volatility Explorer Suite
Language: Python - Size: 3.39 MB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 63 - Forks: 12

memoryforensics1/VolExp
volatility explorer
Language: Python - Size: 1.51 MB - Last synced at: 28 days ago - Pushed at: over 4 years ago - Stars: 91 - Forks: 15

amir9339/volatility-docker
A suite of Volatility 3 plugins for memory forensics of Docker containers
Language: Python - Size: 13.9 MB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 18 - Forks: 3

JPCERTCC/etw-scan
ETW forensic tool for Volatility3 plugin
Language: Python - Size: 2.61 MB - Last synced at: about 1 month ago - Pushed at: 6 months ago - Stars: 11 - Forks: 0

TazWake/volatility-plugins
Learning volatility plugins.
Language: Python - Size: 93.8 KB - Last synced at: 25 days ago - Pushed at: about 4 years ago - Stars: 19 - Forks: 4

reverseame/winesap
Volatility plugin to search for all Autostart Extensibility Points (AESPs)
Language: Python - Size: 239 KB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 9 - Forks: 0

piralla/Malfind-Parser
Highly useful Volatility-Malfind output parser for detecting Code/Process Injection patterns
Language: Python - Size: 8.79 KB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 0 - Forks: 0

KrazyC1/GLASS-volatility
GLASS (Global Language And Site Scanner) is a Volatility plugin designed by Clayton Wenzel, James Baumhardt, and Nathan Eberly, aiming to swiftly identify and classify malicious domains and unexpected languages within a memory dump, providing users with dynamic insights for forensic investigations.
Language: Python - Size: 18 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

casework/CASE-Implementation-Volatility
CASE (v0.1.0) implementation into Volatility.
Language: Python - Size: 26.4 KB - Last synced at: about 1 year ago - Pushed at: almost 5 years ago - Stars: 1 - Forks: 1

reverseame/sigcheck
Volatility plugin to validate Authenticode-signed processes, either with embedded signature or catalog-signed
Language: Python - Size: 63.5 KB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 15 - Forks: 4

mbrown1413/SqliteFind
A Volatility plugin for finding sqlite database rows
Language: Python - Size: 76.2 KB - Last synced at: 12 months ago - Pushed at: almost 6 years ago - Stars: 22 - Forks: 4

reverseame/processfuzzyhash
Volatility plugin to calculate and compare Windows processes fuzzy hashes
Language: Python - Size: 31.3 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 6 - Forks: 1

reverseame/similarity-unrelocated-module
Volatility plugin to yield and compare similarity digest of modules on execution.
Language: Python - Size: 103 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 2 - Forks: 0

reverseame/modex
Volatility 3 plugins to extract a module as complete as possible
Language: Python - Size: 127 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 1

reverseame/malscan
Volatility plugin to detect malicious code thanks to ClamAV
Language: Python - Size: 17.6 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 2 - Forks: 2

vavarachen/volatility_automation
A tool to automate memory dump processing using Volatility, including optional Splunk integration.
Language: Python - Size: 14.5 MB - Last synced at: about 2 years ago - Pushed at: almost 5 years ago - Stars: 8 - Forks: 3

joezbub/Memory-Forensics-Plugins
Volatility plugins to recover ML model attributes from memory images
Language: Python - Size: 10.1 MB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 2 - Forks: 2

WithSecureLabs/volatility-plugins
Language: Python - Size: 20.5 KB - Last synced at: 10 months ago - Pushed at: over 6 years ago - Stars: 11 - Forks: 0

pasquale95/lsns
Volatility plugin to retrieve namespaces and relative processes from a memory dump.
Language: C - Size: 17.6 KB - Last synced at: about 1 year ago - Pushed at: almost 6 years ago - Stars: 5 - Forks: 0

reverseame/residentmem
Volatility plugin to obtain the number of the resident memory pages per module (exe or dll) and per driver from a Windows memory dump.
Language: Python - Size: 33.2 KB - Last synced at: about 2 years ago - Pushed at: almost 4 years ago - Stars: 1 - Forks: 0

reverseame/dumd-mixer
Dump Module Mixer (dumd-mixer) is a Python script to generate a module from the same module extracted from a collection of memory dumps.
Language: Python - Size: 59.6 KB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 0 - Forks: 0

Heisenberk/volatility (fork of volatilityfoundation/volatility)
An advanced memory forensics framework
Size: 20.4 MB - Last synced at: about 2 years ago - Pushed at: over 5 years ago - Stars: 0 - Forks: 0
