memory-forensics topic

List memory-forensics repositories

wdbgark

605
Stars
176
Forks
Watchers

WinDBG Anti-RootKit Extension

verified publisher icon swwwolf

MemLabs

1.6k
Stars
197
Forks
Watchers

Educational, CTF-styled labs for individuals interested in Memory Forensics

verified publisher icon stuxnet999

pe-sieve

2.9k
Stars
416
Forks
Watchers

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

verified publisher icon hasherezade

hollows_hunter

1.9k
Stars
248
Forks
Watchers

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

verified publisher icon hasherezade

memtriage

217
Stars
25
Forks
Watchers

Allows you to quickly query a Windows machine for RAM artifacts

verified publisher icon gleeda

sift

473
Stars
66
Forks
Watchers

SIFT

verified publisher icon teamdfir

avml

817
Stars
76
Forks
Watchers

AVML - Acquire Volatile Memory for Linux

verified publisher icon microsoft

IDACyber

287
Stars
35
Forks
Watchers

Data Visualization Plugin for IDA Pro

verified publisher icon patois

rip_raw

132
Stars
16
Forks
Watchers

Rip Raw is a small tool to analyse the memory of compromised Linux systems.

verified publisher icon cado-security

mal_unpack

638
Stars
64
Forks
Watchers

Dynamic unpacker based on PE-sieve

verified publisher icon hasherezade