
LiME

Free

LiME (Linux Memory Extractor) is a Loadable Kernel Module (LKM) that enables volatile memory acquisition from Linux and Linux-based devices, including Android. It is the first tool to allow full memory captures on Android devices, and it minimizes interaction between user space and kernel space during acquisition, which makes captures more forensically sound. Features include full Android memory acquisition, acquisition over a network interface, a minimal process footprint, and a hash of the dumped memory. To use it, load the module with the insmod command, passing arguments such as path and format and optional parameters such as digest and dio.


ALTERNATIVES

A tool that uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment.

IE10Analyzer can parse and recover records from WebCacheV01.dat, providing detailed information and conversion capabilities.

A recognition framework for identifying products, services, operating systems, and hardware by matching fingerprints against network probes.

OSXCollector is a forensic evidence collection & analysis toolkit for OSX.

Comprehensive suite for advanced file analysis and software supply chain security.

A powerful tool for analyzing and visualizing system activity timelines.

A tool for analyzing pentest screenshots using a convolutional neural network.

libevt is a library to access and parse Windows Event Log (EVT) files.