|3 months ago||almost 2 years ago|
|GNU General Public License v3.0 only||MIT License|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
What is the appropriate uncompressed kernel ELF to use with dwarf2json? [ 5.19.0-42-generic #43~22.04.1-Ubuntu ], in order to create generate a custom symbols table to conduct linux memory forensics on Ubuntu 22.04?
2 projects | /r/computerforensics | 28 May 2023
I need this to create generate a custom symbols table (using dwarf2json), in order to run a memory dump acquired by Ubuntu 22.04, as Ubuntu 22.04 kernel does not work anymore with volatility 2 (Issue here: volatilityfoundation/volatility#828)
How to inspect a Linux machine
2 projects | dev.to | 13 Nov 2022
Analyzing memory dumps can be hard, especially at the beginning. You might want to use comprehensive Frameworks like volatility.
PChunter equivalent on Linux?
4 projects | /r/blackhat | 20 Jun 2022
volatility - Version 2 Version 3
Awesome CTF : Top Learning Resource Labs
72 projects | /r/TutorialBoy | 13 Nov 2021
Volatility - To investigate memory dumps.
Cannot process recent Windows 10 memory dumps in Volatility
2 projects | /r/computerforensics | 22 Dec 2020
What are some alternatives?
CyberChef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
Apktool - A tool for reverse engineering Android apk files
shellbags - Cross-platform, open-source shellbag parser
jadx - Dex to Java decompiler
volatility3 - Volatility 3.0 development
MalConfScan - Volatility plugin for extracts configuration data of known malware
picoCTF - The platform used to run picoCTF 2019.
radare2 - UNIX-like reverse engineering framework and command-line toolset [Moved to: https://github.com/radareorg/radare2]
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
ps_mem - A utility to accurately report the in core memory usage for a program
nipe - An engine to make Tor network your default gateway [Moved to: https://github.com/htrgouvea/nipe]