MalConfScan
0 (0)
MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.
Libewf is a library to access the Expert Witness Compression Format (EWF), allowing users to read and write EWF files, which are commonly used in digital forensics and incident response. The library provides a flexible and efficient way to work with EWF files, making it a valuable tool for digital forensic analysts and incident responders. Libewf supports various features, including reading and writing EWF files, extracting metadata, and providing access to file system data. The library is widely used in digital forensic tools and is an essential component of many digital forensic workflows. By providing a standardized way to access EWF files, libewf enables digital forensic analysts and incident responders to focus on analyzing and understanding the data, rather than worrying about the underlying file format.
MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.
A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
WinSearchDBAnalyzer can parse and recover records in Windows.edb, providing detailed insights into various data types.
XMLStarlet offers a suite of command line utilities for manipulating and querying XML documents.
Malscan is a tool to scan process memory for YARA matches and execute Python scripts.
