MalConfScan | CyberSecTools

MalConfScan

0 (0)

MalConfScan is a Volatility plugin that extracts configuration data of known malware, searches for malware in memory images, and dumps configuration data. It also has a function to list strings to which malicious code refers. Supported malware families include Ursnif, Emotet, Smoke Loader, PoisonIvy, CobaltStrike, and many others. Additionally, it can dump decoded strings or DGA domains. MalConfScan also provides additional analysis by listing strings to which malicious code refers and decoding configuration data usually encoded by malware.

Digital Forensics

Free

malware-analysis memory-forensics malware-detection string-analysis

ALTERNATIVES

Ghiro

0 (0)

Automated digital image forensics tool

Digital Forensics

Free

digital-forensics open-source image-processing image-analysis forensic-tool

GitTools

0 (0)

A collection of tools for extracting and analyzing information from .git repositories

Digital Forensics

Free

binary-security web-app-security file-analysis file-patching git

libfsapfs

0 (0)

A library and tools to access and analyze APFS file systems

Digital Forensics

Free

file-system mac-os

MemLabs

0 (0)

Educational CTF-styled challenges for Memory Forensics.

Digital Forensics

Free

ctf learning memory-forensics volatility security-research education

Belkasoft

0 (0)

Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.

Digital Forensics

Free

digital-forensics incident-response forensic-analysis forensic-tool

Chrome URL Dumper

0 (0)

Accessing databases stored on a machine by the Chrome browser and dumping URLs found.

Digital Forensics

Free

security url browser chrome database