Security Operations for Memory Forensics

Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management. Task: Memory Forensics


GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.

A standardized framework for describing and classifying cybersecurity incidents

A forensic tool to find processes and TCP/UDP ports hidden by rootkits or other stealth techniques.

Team-based cyber range platform for IR simulation, training & benchmarking.

Incident Response Documentation tool for tracking findings and tasks.

A simple tool to take screenshots of HTTPS websites

An HTTP proxy, monitor, and reverse proxy tool for viewing HTTP and SSL/HTTPS traffic.

A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.

A powerful tool for analyzing and visualizing system activity timelines.

Modern digital forensics and incident response platform with comprehensive tools.

Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.

Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.

A Python module for orchestrating remote forensic data acquisition and analysis from Linux instances using Amazon SSM.

Margarita Shotgun is a Python tool that enables remote memory acquisition from target systems through a command-line interface, supporting Linux distributions and other operating systems via Docker containers.

A tool for fixing acquired .evt Windows Event Log files in digital forensics.

Incident response and digital forensics tool for transforming data sources and logs into graphs.

Web-based tool for incident response with easy local installation using Docker.

Malscan is a tool to scan process memory for YARA matches and execute Python scripts.

View physical memory as files in a virtual file system for easy memory analysis and artifact access.

A Live Response collection script for Incident Response that automates the collection of artifacts from various Unix-like operating systems.

PowerGRR is a PowerShell API client library that automates GRR (Google Rapid Response) operations for digital forensics and incident response across multiple operating systems.

MemLabs provides CTF-styled memory forensics challenges designed to teach students and security researchers how to analyze memory dumps using tools like Volatility.

A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts

A container of PCAP captures mapped to the relevant attack tactic