Visit Website

LiME (Linux Memory Extractor) is a Loadable Kernel Module (LKM) that enables volatile memory acquisition from Linux and Linux-based devices, including Android. It is the first tool to allow full memory captures on Android devices, minimizing user-kernel space interaction for more forensically sound captures. Features include full Android memory acquisition, acquisition over network interface, minimal process footprint, and hash of dumped memory. Usage involves loading the module using the insmod command with specified arguments like path, format, and optional parameters like digest and dio.

FEATURES

ALTERNATIVES

Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.

No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.

Recover event log entries from an image by heuristically looking for record structures.

iOS Mobile Backup Xtractor tool for extracting iOS backups.

A forensics tool for tracking USB device artifacts on Linux machines.

A repository containing material from a talk on sub-domain enumeration techniques

GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.

A console program for file recovery through data carving.

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved