A Windows security tool for extracting credentials, hashes, and Kerberos tickets from memory and performing various post-exploitation techniques.
A runtime mobile exploration toolkit powered by Frida for security assessment of iOS and Android apps without a jailbreak.
A curated list of awesome free forensic analysis tools, resources, and learning materials for digital investigators.
A curated list of awesome free (mostly open source) forensic analysis tools and resources for digital investigations.
A memory forensics framework for extracting digital artifacts from volatile memory (RAM) samples across Windows, Linux, and macOS.
An open-source memory forensic framework for extracting and analyzing digital artifacts from Windows, Linux, and OSX memory images.
A portable volatile memory acquisition tool for Linux that captures memory images without requiring target OS or kernel knowledge.
Scans files and process memory for Cobalt Strike beacons and extracts their configuration.
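The beacon-configuration extraction described in the entry above, as an added example that is not the project's own code. It applies the publicly documented Cobalt Strike config layout (single-byte XOR with 0x69 for v3 or 0x2e for v4; settings encoded as big-endian index, type, length, value; setting 1 is the beacon type) to a constructed memory blob built inline. The setting names are the documented subset I chose to label; the sample C2 string and user agent are made up.

```python
import struct

# Single-byte XOR keys observed for beacon configs: 0x69 (v3) and 0x2e (v4).
XOR_KEYS = (0x69, 0x2E)
# Decoded config begins with setting index 1 (BeaconType), type 1 (short), length 2.
CONFIG_START = b"\x00\x01\x00\x01\x00\x02"
# Documented setting indices (subset used here; unknown ones are reported as setting_N).
SETTING_NAMES = {1: "BeaconType", 2: "Port", 3: "SleepTime", 4: "MaxGetSize",
                 5: "Jitter", 8: "C2Server", 9: "UserAgent", 10: "HttpPostUri"}


def xor_bytes(data: bytes, key: int) -> bytes:
    return bytes(b ^ key for b in data)


def parse_settings(cfg: bytes) -> dict:
    """Walk the decoded TLV settings; stop at index 0 or the first malformed entry."""
    out = {}
    pos = 0
    while pos + 6 <= len(cfg):
        idx, typ, length = struct.unpack_from(">HHH", cfg, pos)
        pos += 6
        if idx == 0:
            break                      # terminator
        if pos + length > len(cfg):
            break                      # truncated
        raw = cfg[pos:pos + length]
        pos += length
        if typ == 1 and length == 2:   # short
            val = struct.unpack(">H", raw)[0]
        elif typ == 2 and length == 4: # int
            val = struct.unpack(">I", raw)[0]
        elif typ == 3:                 # bytes / NUL-padded string
            val = raw.rstrip(b"\x00")
        else:
            break                      # not a config: bail rather than mis-parse
        out[SETTING_NAMES.get(idx, f"setting_{idx}")] = val
    return out


def find_beacon_configs(blob: bytes) -> list:
    """Scan raw bytes (file or process memory) for XOR-encoded configs and decode them."""
    results = []
    for key in XOR_KEYS:
        pattern = xor_bytes(CONFIG_START, key)   # search for the encoded prologue directly
        off = blob.find(pattern)
        while off != -1:
            cfg = xor_bytes(blob[off:off + 4096], key)   # real v4 configs are 4096 bytes
            settings = parse_settings(cfg)
            # Require the two mandatory leading settings before accepting a hit.
            if "BeaconType" in settings and "Port" in settings:
                results.append({"offset": off, "xor_key": key, "settings": settings})
            off = blob.find(pattern, off + 1)
    return results


def build_sample_blob() -> bytes:
    """Constructed sample: filler bytes followed by a v4-style config XORed with 0x2e."""
    def short(i, v):
        return struct.pack(">HHH", i, 1, 2) + struct.pack(">H", v)

    def integer(i, v):
        return struct.pack(">HHH", i, 2, 4) + struct.pack(">I", v)

    def blob_(i, v, size):
        return struct.pack(">HHH", i, 3, size) + v.ljust(size, b"\x00")

    cfg = (short(1, 8) + short(2, 443) + integer(3, 60000) + short(5, 10)
           + blob_(8, b"c2.example.invalid,/jquery-3.3.1.min.js", 256)   # made-up C2
           + blob_(9, b"Mozilla/5.0 (constructed)", 128)
           + b"\x00" * 6)                                                # terminator
    return b"\x90" * 100 + b"JUNK" * 8 + xor_bytes(cfg, 0x2E) + b"\x00" * 64


if __name__ == "__main__":
    for hit in find_beacon_configs(build_sample_blob()):
        print(f"config at 0x{hit['offset']:x} (key 0x{hit['xor_key']:02x})")
        for k, v in hit["settings"].items():
            print(f"  {k}: {v!r}")
```

Against a real dump, read the file (or a process's memory regions) into `blob`; the scanner searches for the encoded prologue rather than decoding the whole buffer first, which keeps it fast on multi-gigabyte images, and the BeaconType/Port check discards chance matches on the six-byte pattern.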
A dynamic unpacker for Windows malware that deploys packed executables, waits for payload unpacking, and dumps the extracted code.
A Volatility plugin that extracts configuration data and decoded strings from known malware families in memory images.
A Python sandbox that automatically collects, analyzes, and reports runtime indicators of Linux malware through static, dynamic, and memory analysis.
A web interface for the Volatility memory forensics framework that runs plugins, stores results in MongoDB, and enables cross-plugin search.
A high-speed memory forensics tool for analyzing physical memory dumps to find/extract processes and hypervisors using virtual machine introspection.
A framework to analyze, dissect, and decompile complex code-reuse attacks like ROP chains from memory dumps.
A C++ Windows malware analysis tool that uses memory and code hooks to detect and extract hidden code from packers.
A distributed web interface for collaborative memory forensics analysis using Volatility 3.
An automated memory analysis tool for malware samples and memory dumps that extracts executables, processes, injections, and artifacts.
A web-based interface for the Volatility memory forensics framework, enabling browser-based analysis of RAM dumps.
An open-source memory forensics tool built on Volatility for differential analysis and data reduction in malware investigations.
Recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
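The fragment recovery described in the EVTX entry above, as an added example that is not the project's own code. It scans raw bytes for the chunk signature `ElfChnk\0` and the record signature `2a 2a 00 00`, validates a carved chunk by recomputing the header CRC32 (first 120 bytes plus bytes 128..512) and a carved record by checking the trailing copy of its size, then flags records that lie outside any intact chunk, which is what recovery from unallocated space or a memory image comes down to. The sample image is constructed inline; record payloads are placeholder bytes, not real BinXML.

```python
import struct
import zlib
from datetime import datetime, timedelta, timezone

CHUNK_MAGIC = b"ElfChnk\x00"
RECORD_MAGIC = b"\x2a\x2a\x00\x00"
CHUNK_SIZE = 0x10000
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def chunk_header_crc(chunk: bytes) -> int:
    # Header CRC32 covers bytes 0..120 and the string/template tables at 128..512.
    return zlib.crc32(chunk[:120] + chunk[128:512]) & 0xFFFFFFFF


def filetime_to_iso(ft: int) -> str:
    return (FILETIME_EPOCH + timedelta(microseconds=ft // 10)).isoformat()


def carve_chunks(data: bytes) -> list:
    """Find chunk headers anywhere in the buffer and report whether each is intact."""
    found = []
    off = data.find(CHUNK_MAGIC)
    while off != -1:
        chunk = data[off:off + CHUNK_SIZE]
        if len(chunk) >= 512:
            first_id, last_id = struct.unpack_from("<QQ", chunk, 24)
            free_off = struct.unpack_from("<I", chunk, 48)[0]
            stored_crc = struct.unpack_from("<I", chunk, 124)[0]
            found.append({"offset": off, "first_record_id": first_id,
                          "last_record_id": last_id, "free_space_offset": free_off,
                          "header_crc_ok": stored_crc == chunk_header_crc(chunk)})
        off = data.find(CHUNK_MAGIC, off + 1)
    return found


def carve_records(data: bytes) -> list:
    """Find record headers; accept only those whose trailing size copy matches."""
    recs = []
    off = data.find(RECORD_MAGIC)
    while off != -1:
        if off + 28 <= len(data):
            size = struct.unpack_from("<I", data, off + 4)[0]
            if 28 <= size <= CHUNK_SIZE - 512 and off + size <= len(data):
                trailer = struct.unpack_from("<I", data, off + size - 4)[0]
                if trailer == size:
                    rec_id, ft = struct.unpack_from("<QQ", data, off + 8)
                    recs.append({"offset": off, "size": size, "record_id": rec_id,
                                 "written": filetime_to_iso(ft)})
        off = data.find(RECORD_MAGIC, off + 1)
    return recs


def orphan_records(chunks: list, records: list) -> list:
    """Records not covered by any carved chunk: fragments from unallocated space."""
    spans = [(c["offset"], c["offset"] + CHUNK_SIZE) for c in chunks]
    return [r for r in records if not any(lo <= r["offset"] < hi for lo, hi in spans)]


def build_sample_image() -> bytes:
    """Constructed image: filler, one chunk holding two records, then an orphan record."""
    ft = int((datetime(2024, 1, 1, tzinfo=timezone.utc) - FILETIME_EPOCH).total_seconds()) * 10_000_000

    def record(rec_id: int, payload: bytes) -> bytes:
        size = 24 + len(payload) + 4
        return RECORD_MAGIC + struct.pack("<IQQ", size, rec_id, ft) + payload + struct.pack("<I", size)

    r1 = record(1001, b"\x0f\x01\x01\x00" + b"A" * 60)   # placeholder payloads
    r2 = record(1002, b"\x0f\x01\x01\x00" + b"B" * 40)
    recs = r1 + r2
    chunk = bytearray(CHUNK_SIZE)
    chunk[0:8] = CHUNK_MAGIC
    struct.pack_into("<QQQQ", chunk, 8, 1001, 1002, 1001, 1002)   # record numbers / ids
    struct.pack_into("<IIII", chunk, 40, 128, 512 + len(r1), 512 + len(recs),
                     zlib.crc32(recs) & 0xFFFFFFFF)
    chunk[512:512 + len(recs)] = recs
    struct.pack_into("<I", chunk, 124, chunk_header_crc(bytes(chunk)))
    orphan = record(7, b"\x0f\x01\x01\x00" + b"C" * 20)
    return b"\xcc" * 777 + bytes(chunk) + b"\x00" * 300 + orphan + b"\xff" * 50


if __name__ == "__main__":
    img = build_sample_image()
    chunks, records = carve_chunks(img), carve_records(img)
    for c in chunks:
        print(f"chunk at 0x{c['offset']:x} ids {c['first_record_id']}..{c['last_record_id']} crc_ok={c['header_crc_ok']}")
    for r in orphan_records(chunks, records):
        print(f"orphan record {r['record_id']} at 0x{r['offset']:x} written {r['written']}")
```

Read a raw disk image or memory dump into `data` in place of the constructed sample. A failing header CRC does not mean the records are lost: the record carver works independently of chunk structure, which is the point when the chunk's tables were overwritten but its records were not.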
A Python script that uses Volatility to analyze malware memory footprints by comparing Windows memory images before and after infection.
A WinAppDbg script that automates malware unpacking by detecting unpacking behaviors and dumping decrypted memory.
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.