MemLabs is an educational repository containing CTF-styled challenges focused on memory forensics training. The platform provides structured learning experiences through different difficulty levels, ranging from beginner-friendly challenges to advanced scenarios. Each challenge is designed to teach users how to approach memory forensics investigations using tools like Volatility. The repository serves as a practice environment for students, security researchers, and CTF participants who want to develop their memory analysis skills. Challenges are organized progressively, allowing users to build their expertise systematically from basic concepts to complex memory forensics techniques. The platform focuses specifically on memory dump analysis, helping users understand how to extract and analyze artifacts from system memory captures. Users learn to identify malicious processes, recover deleted files, analyze network connections, and uncover evidence from memory images through hands-on practice scenarios.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.
A library for accessing and parsing Windows NT Registry File (REGF) format files, designed for digital forensics and registry analysis applications.
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
Zenduty's platform provides real-time operational health monitoring and incident response orchestration to improve incident response times and build a solid on-call culture.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.