LiME Logo

LiME

0
Free
Visit Website

LiME (Linux Memory Extractor) is a Loadable Kernel Module (LKM) that enables volatile memory acquisition from Linux and Linux-based devices, including Android. It is the first tool to allow full memory captures on Android devices, minimizing user-kernel space interaction for more forensically sound captures. Features include full Android memory acquisition, acquisition over network interface, minimal process footprint, and hash of dumped memory. Usage involves loading the module using the insmod command with specified arguments like path, format, and optional parameters like digest and dio.

FEATURES

ALTERNATIVES

Educational CTF-styled challenges for Memory Forensics.

Remote Acquisition Tool

A forensics tool for tracking USB device artifacts on Linux machines.

A digital investigation platform for parsing, searching, and visualizing evidences with advanced analytics capabilities.

A command-line utility and Python package for mounting and unmounting various disk image formats with support for different volume systems and filesystems.

A free, open-source file data recovery software that can recover lost files from hard disks, CD-ROMs, and digital camera memory.

A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.

A reverse engineering framework with a focus on usability and code cleanliness

PINNED