A visual memory forensics tool based on MemProcFS and Volatility
Updated Oct 13, 2024 - Python
Project containing several tools/scripts to recover the OpenSSH session keys used to encrypt/decrypt SSH traffic.
PyDFIRRam is a Python library leveraging Volatility 3 to simplify and enhance memory forensics. It streamlines the research, parsing, and analysis of memory dumps, allowing users to focus on data rather than commands.
A suite of Volatility 3 plugins for memory forensics of Docker containers
Volatility 3 plugins to extract a module as complete as possible
Linux BPF plugins for Volatility3
GLASS (Global Language And Site Scanner) is a Volatility plugin designed by Clayton Wenzel, James Baumhardt, and Nathan Eberly, aiming to swiftly identify and classify malicious domains and unexpected languages within a memory dump, providing users with dynamic insights for forensic investigations.
A Volatility3 plugin to ask ChatGPT
Created a feature extractor tool - VolMemLyzer(V2) with 250+ features, leveraging the power of the Volatility framework for memory analysis of the memory dumps.
PsXview plugin for volatility3 by MY7H404 - Find hidden processes with various process listings
Personal Project for Year 3 Uni