Memory Analysis
Explore 21 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
A python module for orchestrating content acquisitions and analysis via Amazon SSM.
A python module for orchestrating content acquisitions and analysis via Amazon SSM.
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
AMExtractor is an Android Memory Extractor tool.
Malscan is a tool to scan process memory for YARA matches and execute Python scripts.
Malscan is a tool to scan process memory for YARA matches and execute Python scripts.
Developing APIs to access memory on industrial control system devices.
Developing APIs to access memory on industrial control system devices.
A comprehensive guide to memory forensics, covering tools, techniques, and procedures for analyzing volatile memory.
A comprehensive guide to memory forensics, covering tools, techniques, and procedures for analyzing volatile memory.
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
Web interface for the Volatility Memory Analysis framework with advanced features.
Web interface for the Volatility Memory Analysis framework with advanced features.
dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.
dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.
Web interface for the Volatility Memory Forensics Framework
Web interface for the Volatility Memory Forensics Framework
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A DFIR console integrating various cybersecurity tools and frameworks for efficient incident response.
A DFIR console integrating various cybersecurity tools and frameworks for efficient incident response.
VolatilityBot automates binary extraction and memory analysis, including detecting code injections and strings.
VolatilityBot automates binary extraction and memory analysis, including detecting code injections and strings.
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
A Python 2.x tool for memory analysis on Mac OS X systems with support for various OS versions and memory image export capabilities.
A Python 2.x tool for memory analysis on Mac OS X systems with support for various OS versions and memory image export capabilities.
View physical memory as files in a virtual file system for easy memory analysis and artifact access.
View physical memory as files in a virtual file system for easy memory analysis and artifact access.
Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.
Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.