Tool used for dumping memory from Android devices. Root access is required.

Usage: ./mem pid out_path

where pid is the target PID to capture and out_path is the local directory to write output to. If out_path is not given, output is written to stdout.

To ensure forensic soundness, mem should be copied into memory (/dev or another tmpfs location), and netcat should be used to write data out over ADB to avoid writing to the device. Netcat versions compiled for Android can be found at https://github.com/MobileForensicsResearch/netcat.

Example:
1: On the local machine, run: adb forward tcp:9999 tcp:9999
2: From adb shell, run: ./mem pid | nc -l -p 9999
3: On the local machine, run: nc 127.0.0.1 9999 > output_file
SIMILAR TOOLS
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
A powerful tool for analyzing and visualizing system activity timelines.
GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.
A Mac OS X computer forensics tool for analyzing system artifacts, user files, and logs with reputation verification and log aggregation capabilities.
A DFVFS backed viewer project with a WxPython GUI, aiming to enhance file extraction and viewing capabilities.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.