Create your own GitHub profile
Sign up for your own profile on GitHub, the best place to host code, manage projects, and build software alongside 28 million developers.Sign up
EditBox is a plugin for the Volatility Framework. It extracts the text from Windows Edit controls, that is, textboxes as generated by Windows Common Controls.
NDISPktScan is a plugin for the Volatility Framework. It parses the Ethernet packets stored by ndis.sys in Windows kernel space memory.
Parses Windows Registry hive files listing the key values with a high entropy.
Parses Windows Registry hive files listing the biggest key values by the size of their associated data.
Automates running sigcheck against a text file of file paths.
A script to update a Digital Ocean DNS record with your current external IPv4 address.
25 contributions in the last year
May - October 2018
Created an issue in Cisco-Talos/pyrebox that received 2 comments
Working in 64-bit.
After breaking on a
MEM_WRITE_CB, I would like to know the memory address of the instruction that caused the read…