#

memory-forensics

Here are 41 public repositories matching this topic...

hasherezade / pe-sieve

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

scans anti-malware malware-analysis pe-format hooking pe-analyzer memory-forensics pe-dumper libpeconv process-analyzer pe-sieve

Updated May 6, 2022
C++

hasherezade / hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

anti-malware malware-analysis memory-forensics malware-detection pe-sieve

Updated Apr 12, 2022
C

MemLabs

stuxnet999 / MemLabs

Educational, CTF-styled labs for individuals interested in Memory Forensics

windows security forensics dfir cybersecurity ctf digital-forensics memory-forensics ctf-challenges

Updated Mar 8, 2021
Shell

swwwolf / wdbgark

WinDBG Anti-RootKit Extension

windows c-plus-plus visual-studio malware driver kernel-mode crash-dump windbg malware-analysis windbg-extension malware-research forensic-analysis debugging-tool memory-forensics anomaly-detection anti-rootkit wdbgark user-mode sww wa-haltables wa-idt wa-objtype wa-ssdt wa-colorize wa-checkmsr wa-pnptable wa-crashdmpcall wa-objtypecb swwwolf

Updated Jul 29, 2020
C++

microsoft / avml

AVML - Acquire Volatile Memory for Linux

rust memory-forensics linux-security

Updated May 7, 2022
Rust

teamdfir / sift

SIFT

cli forensics saltstack sift memory-forensics sans issues-only timeline-analysis salt-state

Updated Mar 2, 2022

hasherezade / mal_unpack

Dynamic unpacker based on PE-sieve

malware-analysis memory-forensics libpeconv pe-sieve malware-unpacker

Updated May 6, 2022
C

patois / IDACyber

Data Visualization Plugin for IDA Pro

pixel-art reverse-engineering data-visualization memory-hacking ida ida-pro cyber exploitation idapython-plugin memory-forensics color-filter firmware-analysis

Updated Dec 17, 2021
Python

gleeda / memtriage

Allows you to quickly query a Windows machine for RAM artifacts

ram memory malware memory-analysis volatility memory-forensics windows-machine live-analysis winpmem

Updated Jul 17, 2020
Python

msuiche / LiveCloudKd

Hyper-V Research is trendy now

virtual-machines memory-forensics

Updated Aug 11, 2020
C

cado-security / rip_raw

Rip Raw is a small tool to analyse the memory of compromised Linux systems.

security forensics dfir forensic-analysis memory-forensics dfir-automation

Updated Jan 31, 2022
Python

asiamina / A-Course-on-Digital-Forensics

A course on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University

network-forensics reverse-engineering courses digital-forensics memory-forensics

Updated Mar 18, 2022

evild3ad / MemProcFS-Analyzer

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

powershell incident-response dfir digital-forensics memory-forensics memprocfs

Updated Jun 19, 2021

ytisf / muninn

Sponsor

A short and small memory forensics helper.

python volatility memory-forensics

Updated Oct 18, 2017
Python

Apr4h / GetInjectedThreads

C# Implementation of Jared Atkinson's Get-InjectedThread.ps1

incident-response blueteam memory-forensics process-injection

Updated Jul 11, 2021
C#

Hestat / calamity

A script to assist in processing forensic RAM captures for malware triage

dfir malware-analysis volatility memory-forensics

Updated Feb 4, 2021
Shell

iAbadia / Volatility-Plugin-Tutorial

Development guide for Volatility Plugins

python plugin tutorial guide volatility memory-forensics

Updated Sep 6, 2017

pagabuc / kallsyms-extractor

Tool to extract the kallsyms (System.map) from a memory dump

python linux-kernel unicorn-emulator memory-forensics kallsyms

Updated Jun 18, 2021
Python

amir9339 / volatility-docker

A suite of Volatility 3 plugins for memory forensics of Docker containers

docker containers dfir memory-forensics volatility-plugins volatility3

Updated Apr 13, 2022
Python

smartvmi

GDATASoftwareAG / smartvmi

Virtual Machine Introspection (VMI) for memory forensics and machine-learning.

malware-analysis malware-research virtual-machine-introspection memory-forensics vmi

Updated May 5, 2022
C++

TazWake / volatility-plugins

Learning volatility plugins.

python memory-forensics volatility-plugins

Updated Feb 16, 2021
Python

ncsc-fi / minion-rules

Minion rules for DFIR work.

open-source forensics dfir memory-forensics dfir-automation

Updated Jun 9, 2020

wongkenny240 / ComputerForensics

My digital forensics notebook

incident-response dfir digital-forensics memory-forensics digital-forensics-incident-response

Updated Sep 10, 2021

forensenellanebbia / volatility-profiles

My Linux profiles built for Volatility 2/3

ram memory fedora forensics rhel volatility memory-forensics volatility-framework volatility-profiles volatility3

Updated Apr 2, 2022

mylamour / -_--Forensics-Tools

Not Only Forensics Toolkit

tools standalone forensics memory-forensics password-extraction

Updated Apr 8, 2018
PowerShell

vmayoral / ros_volatility

ram ros forensics robot-operating-system volatility memory-forensics

Updated Nov 2, 2018
Python

reverseame / similarity-unrelocated-module

Volatility plugin to yield and compare similarity digest of modules on execution.

python sum volatility memory-forensics volatility-plugins approximate-matching fuzzy-hash similarity-digest

Updated Dec 29, 2021
Python

samduy / volatility-uclinux

Volatility profile for uclinux

python profile digital-forensics volatility memory-forensics uclinux

Updated Jun 19, 2020
Python

reverseame / windows-memory-extractor

Tool to extract contents from the memory of Windows systems.

windows memory-forensics

Updated Sep 13, 2021
C++

pagabuc / atomicity_tops

Introducing the Temporal Dimension to Memory Forensics - ACM Transactions on Privacy and Security 2019

memory-analysis volatility memory-forensics

Updated Jul 15, 2019
Python

Improve this page

Add a description, image, and links to the memory-forensics topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the memory-forensics topic, visit your repo's landing page and select "manage topics."