#

memory-forensics

Here are 33 public repositories matching this topic...

hasherezade / pe-sieve

Star

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

scans anti-malware malware-analysis pe-format hooking pe-analyzer memory-forensics pe-dumper libpeconv process-analyzer pe-sieve

Updated Sep 12, 2021
C++

hasherezade / hollows_hunter

Star

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

anti-malware malware-analysis memory-forensics malware-detection pe-sieve

Updated Sep 12, 2021
C

MemLabs

stuxnet999 / MemLabs

Star

Educational, CTF-styled labs for individuals interested in Memory Forensics

windows security forensics dfir cybersecurity ctf digital-forensics memory-forensics ctf-challenges

Updated Mar 8, 2021
Shell

swwwolf / wdbgark

Star

WinDBG Anti-RootKit Extension

windows c-plus-plus visual-studio malware driver kernel-mode crash-dump windbg malware-analysis windbg-extension malware-research forensic-analysis debugging-tool memory-forensics anomaly-detection anti-rootkit wdbgark user-mode sww wa-haltables wa-idt wa-objtype wa-ssdt wa-colorize wa-checkmsr wa-pnptable wa-crashdmpcall wa-objtypecb swwwolf

Updated Jul 29, 2020
C++

microsoft / avml

Star

AVML - Acquire Volatile Memory for Linux

rust memory-forensics linux-security

Updated Sep 21, 2021
Rust

teamdfir / sift

Star

SIFT

cli forensics saltstack sift memory-forensics sans issues-only timeline-analysis salt-state

Updated Aug 16, 2021

patois / IDACyber

Star

Data Visualization Plugin for IDA Pro

pixel-art reverse-engineering data-visualization memory-hacking ida ida-pro cyber exploitation idapython-plugin memory-forensics color-filter firmware-analysis

Updated May 7, 2021
Python

hasherezade / mal_unpack

Star

Dynamic unpacker based on PE-sieve

malware-analysis memory-forensics libpeconv pe-sieve malware-unpacker

Updated Sep 12, 2021
C++

gleeda / memtriage

Star

Allows you to quickly query a Windows machine for RAM artifacts

ram memory malware memory-analysis volatility memory-forensics windows-machine live-analysis winpmem

Updated Jul 17, 2020
Python

comaeio / LiveCloudKd

Star

Hyper-V Research is trendy now

virtual-machines memory-forensics

Updated Aug 11, 2020
C

asiamina / A-Course-on-Digital-Forensics

Star

A course on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University

network-forensics reverse-engineering courses digital-forensics memory-forensics

Updated Jan 8, 2021

evild3ad / MemProcFS-Analyzer

Star

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

powershell incident-response dfir digital-forensics memory-forensics memprocfs

Updated Jun 19, 2021

Apr4h / GetInjectedThreads

Star

C# Implementation of Jared Atkinson's Get-InjectedThread.ps1

incident-response blueteam memory-forensics process-injection

Updated Jul 11, 2021
C#

ytisf / muninn

Star

A short and small memory forensics helper.

python volatility memory-forensics

Updated Oct 18, 2017
Python

iAbadia / Volatility-Plugin-Tutorial

Star

Development guide for Volatility Plugins

python plugin tutorial guide volatility memory-forensics

Updated Sep 6, 2017

Hestat / calamity

Star

A script to assist in processing forensic RAM captures for malware triage

dfir malware-analysis volatility memory-forensics

Updated Feb 4, 2021
Shell

pagabuc / kallsyms-extractor

Star

Tool to extract the kallsyms (System.map) from a memory dump

python linux-kernel unicorn-emulator memory-forensics kallsyms

Updated Jun 18, 2021
Python

ncsc-fi / minion-rules

Star

Minion rules for DFIR work.

open-source forensics dfir memory-forensics dfir-automation

Updated Jun 9, 2020

TazWake / volatility-plugins

Star

Learning volatility plugins.

python memory-forensics volatility-plugins

Updated Feb 16, 2021
Python

mylamour / -_--Forensics-Tools

Star

Not Only Forensics Toolkit

tools standalone forensics memory-forensics password-extraction

Updated Apr 8, 2018
PowerShell

wongkenny240 / ComputerForensics

Star

My digital forensics notebook

incident-response dfir digital-forensics memory-forensics digital-forensics-incident-response

Updated Sep 10, 2021

reverseame / similarity-unrelocated-module

Star

Volatility plugin to yield and compare similarity digest of modules on execution.

python sum volatility memory-forensics volatility-plugins approximate-matching fuzzy-hash similarity-digest

Updated Aug 11, 2021
Python

vmayoral / ros_volatility

Star

ram ros forensics robot-operating-system volatility memory-forensics

Updated Nov 2, 2018
Python

forensenellanebbia / volatility-profiles

Star

My Linux profiles built for Volatility 2/3

ram memory fedora forensics rhel volatility memory-forensics volatility-framework volatility-profiles volatility3

Updated Sep 1, 2021

samduy / volatility-uclinux

Star

Volatility profile for uclinux

python profile digital-forensics volatility memory-forensics uclinux

Updated Jun 19, 2020
Python

pagabuc / atomicity_tops

Star

Introducing the Temporal Dimension to Memory Forensics - ACM Transactions on Privacy and Security 2019

memory-analysis volatility memory-forensics

Updated Jul 15, 2019
Python

NiklasBeierl / nosyms

Star

Data structure detection with neural networks.

neural-network pytorch virtual-machine-introspection memory-forensics dgl-graph

Updated Sep 19, 2021
Python

reverseame / residentmem

Star

Volatility plugin to obtain the number of the resident memory pages per module (exe or dll) and per driver from a Windows memory dump.

python volatility memory-forensics volatility-plugins

Updated May 11, 2021
Python

joezbub / Memory-Forensics-Plugins

Star

Volatility plugins to recover ML model attributes from memory images

python volatility memory-forensics volatility-plugins volatility-framework carla-simulator carla-driving-simulator

Updated Aug 10, 2021
Python

bolisettynihith / Memlabs-Writeups

Star

Writeups for Memlabs

forensics dfir writeups memory-forensics

Updated Sep 9, 2021

Improve this page

Add a description, image, and links to the memory-forensics topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the memory-forensics topic, visit your repo's landing page and select "manage topics."