memory-analysis

21 tools and resources

NEW

mXtract Logo

mXtract

0 (0)

mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.

Digital Forensics
Free
memory-analysispenetration-testingregexmemory-dumping
ssm-acquire Logo

ssm-acquire

0 (0)

A python module for orchestrating content acquisitions and analysis via Amazon SSM.

Digital Forensics
Free
awsssmmemory-analysisdockerosquery
Rekall Logo

Rekall

0 (0)

Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.

Digital Forensics
Free
memory-analysisforensic-analysisvolatilitymemory-forensics
Fridump Logo

Fridump

0 (0)

Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.

Digital Forensics
Free
memory-dumpingfridapenetration-testingmemory-analysisbinary-security
Linux Expl0rer Logo

Linux Expl0rer

0 (0)

Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.

Digital Forensics
Free
forensicslinuxendpoint-securitypythonflaskmemory-analysis
CobaltStrikeScan Logo

CobaltStrikeScan

0 (0)

Scan files or process memory for Cobalt Strike beacons and parse their configuration.

Threat Management
Free
cobalt-strikedll-injectionmemory-analysisyarawindows-security
AMExtractor Logo

AMExtractor

0 (0)

AMExtractor is an Android Memory Extractor tool.

Digital Forensics
Free
binary-securityfile-analysismemory-analysis
malscan Logo

malscan

0 (0)

Malscan is a tool to scan process memory for YARA matches and execute Python scripts.

Digital Forensics
Free
malware-detectionmemory-analysisyarapythonmalware-analysis
ics_mem_collect Logo

ics_mem_collect

0 (0)

Developing APIs to access memory on industrial control system devices.

Digital Forensics
Free
industrial-control-systemsmemory-analysisdigital-forensicsincident-response
Art of Memory Forensics Logo

Art of Memory Forensics

0 (0)

A comprehensive guide to memory forensics, covering tools, techniques, and procedures for analyzing volatile memory.

Training and Resources
Free
memory-forensicsmemory-analysisdigital-forensicsincident-response
DCEPT Logo

DCEPT

0 (0)

A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts

Network Security
Free
honeytokenendpoint-securitymemory-analysisprivilege-escalationincident-response
VolUtility Logo

VolUtility

0 (0)

Web interface for the Volatility Memory Analysis framework with advanced features.

Digital Forensics
Free
memory-analysisvolatilityfile-extractionsearch-engine
dynStruct Logo

dynStruct

0 (0)

dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.

Malware Analysis
Free
binary-analysisbinary-securitymemory-analysiself
Volatility Web Interface Logo

Volatility Web Interface

0 (0)

Web interface for the Volatility Memory Forensics Framework

Digital Forensics
Free
memory-forensicsvolatilitymemory-analysisforensic-investigationdigital-forensicsmemory-dump
Volatility 3 Logo

Volatility 3

0 (0)

A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.

Digital Forensics
Free
digital-forensicsmemory-analysisvolatilitymemory-forensics
CIRTKit Logo

CIRTKit

0 (0)

A DFIR console integrating various cybersecurity tools and frameworks for efficient incident response.

Security Operations
Free
dfirdigital-forensicsincident-responsepacket-analysisjavascriptdeobfuscationvolatilitymemory-analysisscriptingautomation
VolatilityBot Logo

VolatilityBot

0 (0)

VolatilityBot automates binary extraction and memory analysis, including detecting code injections and strings.

Malware Analysis
Free
binary-securitymemory-analysisautomationcode-injectionyara
Redline Logo

Redline

0 (0)

A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.

Endpoint Security
Free
endpoint-securitymemory-analysisfile-analysis
volafox Logo

volafox

0 (0)

A Python 2.x tool for memory analysis on Mac OS X systems with support for various OS versions and memory image export capabilities.

Digital Forensics
Free
macmemory-analysismac-os-x
MemProcFS Logo

MemProcFS

0 (0)

View physical memory as files in a virtual file system for easy memory analysis and artifact access.

Digital Forensics
Free
memory-analysisfile-systemvirtual-file-systemmemory-dumpincident-response
LiMEaide v2.0 Logo

LiMEaide v2.0

0 (0)

Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.

Digital Forensics
Free
digital-forensicslinuxvolatilitymemory-analysisremote-access