TotalRecall
A Volatility-based script for memory forensics that runs plugins, creates timelines, and scans for malware using YARA, ClamAV, and VirusTotal.
Overview
Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.
Related Projects
WDBGARKWinDBG Anti-RootKit Extension
VolUtilityWeb App for Volatility framework
inVtero.netinVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques
evolveWeb interface for the Volatility Memory Forensics Framework
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.