Memory

AfterLife

AfterLife permits the collection of physical memory contents from a system after a warm or cold reboot. The tool is an extension of the msramdump utility by Wesley McGrew that adds forensic features and some functionality. In addition to providing a se ...

Arsenal Recon Hibernation Recon

As the adoption of Cloud technologies and solid-state storage increases, impacting the kinds of data that can be recovered from Windows® computers, the exploitation of hibernation files to "look back in time" and uncover compelling evidence becomes eve ...

Automated tool that collects volatile data from Windows, OSX, and *nix based operating systems

Calamity

A script to assist in processing forensic RAM captures for malware triage.

Uses Volatility, ClamAV and the Loki IOC scanner to assist Jr Analysts and automate triaging malware detection in RAM dumps.

https://laskowski-tech.com/20 ...

CIRTKit

Tools for the Computer Inciden ...

Direct Dump

Direct Dump is a hardware and software product that allows simple and efficient access to both volatile and non-volatile data from multiple devices and software / hardware platforms. It allows the extraction of data quickly and always respecting the in ...

A POC tool for initial quick analysis of memory images for fun and learning!  htt ...

findaes

Searches for AES keys by searching for their key schedules. Able to find 128, 192, and 256 bit keys, such as those used by TrueCrypt and BitLocker. Originally intended for memory images, but can be used on arbitrary data.

All-in-one evidence collector for Incident Response

KeeFarce

mg - Script for automating Linux memory capture and analysis

"Magnet RAM Capture is a free imaging tool designed to capture the physical memory of a suspect's computer, allowing investigators to recover and analyze valuable artifacts that are often only found in memory." www.magnetf ...

Magnet Process Capture is a free tool that allows you to capture memory from individual running processes. Whether you’re short on time or are only interested in specific processes, Magnet Process Capture can retrieve these specific processes and also ...

"Memoryze™ for the Mac is free memory forensic software that helps incident responders find evil in memory on Macs. Memoryze for the Mac can acquire and/or analyze memory images. Analysis can be performed on offline memory ...

MemProcFS

The Memory Process File System:

The Memory Process File System is an easy and convenient way of accessing physical memory as files in a virtual file system.

Easy trivial point and click memory analysis without the need for complicated co ...

memtriage

Allows you to quickly query a live Windows machine for RAM artifacts

This tool utilizes the Winpmem drivers to access physical memory, and ...

"The volafox project is the most famous memory forensic toolkit for Mac OS X. This program has been developed with the Python language. volafox analyzes physical memory images on Intel x86 and IA-32e. If you use this tool for digi ...

"volafunx, another tool in the volafox project, is a unique tool for analyzing FreeBSD memory images. It has been developed with the Python language. volafunx supports Intel x86 & IA-32e architecture. It is experimental projec ...

RAMMon

Responder PRO

Responder PRO is the industry standard physical memory and automated malware analysis solution. It is the most advanced tool available for ...

Surge

Trustworthy incident response starts with reliable, verifiable data collection. Volexity’s Surge Collect provides a flexible solution that improves the speed of response and the recovery of valuable memory-only ar ...

"In 2007, the first version of The Volatility Framework was released publicly at Black Hat DC. The software was based on years of published academic research into advanced memory analysis ...

Volatility Workbench

Volatility Workbench is a graphical user interface (GUI) for the Volatility tool. Volatility is a command line memory analysis and forensics tool for extracting artifacts from memory dumps. Volatility Workbench is free, open source and runs in Windows. ...

VolatilityBot

VolatilityBot is an automation tool for researchers that cuts all the guesswork and manual tasks out of the binary extraction phase, or helps the investigator in the first steps of performing a memory analysis investigation. Not only does it automatically ...

Volcano

A comprehensive, cross-platform, next-generation memory analysis solution, Volexity Volcano Professional’s powerful core extracts, indexes, and correlates artifacts to provide unprecedented visibility into systems’ runtime state and trustworthiness.

VolDiff

"VolDiff: Malware Memory Footprint Analysis based on Volatility" github.com/aim4r/VolDiff

VolUtility

"Web App for Volatility framework" github.com/kevthehermit/VolUtility

Vortessence

"Vortessence is a tool, whose aim is to partially automate memory forensics analysis." www.weare4n6.com/automate-memory-forensics-analysis-with-vortessence/

"A GUI-based memory forensic capture and analysis toolkit. Allows for the import of standard WinDD memory dumps which are then automatically reverse engineered and presented in an easy-to-view format for forensic analysi ...
