memtriage
RAM analyzer
Analyze Windows machine RAM artifacts using Winpmem and Volatility
Allows you to quickly query a Windows machine for RAM artifacts
218 stars
16 watching
22 forks
Language: Python
last commit: over 4 years ago live-analysismalwarememorymemory-analysismemory-forensicsramvolatilitywindows-machinewinpmem
Related projects:
| Repository | Description | Stars |
|---|---|---|
 mkorman90/volatilitybot | Automates memory analysis of malware samples and memory dumps by extracting binaries, injections, strings, and analyzing code using heuristics and YARA/Clam AV scanners. | 264 |
 evild3ad/memprocfs-analyzer | Automated tool for forensic analysis of Windows memory dumps | 555 |
 crowdstrike/supermem | A tool for processing Windows memory images to extract relevant information | 260 |
 forrest-orr/moneta | A tool for analyzing memory on Windows systems to detect malware IOCs | 707 |
 kd8bny/limeaide | Automates the process of remotely dumping RAM and creating volatility profiles on Linux clients. | 161 |
 idiom/pftriage | Tool to analyze files during malware analysis and triage by extracting properties and detecting malicious indicators. | 77 |
 maoni0/mem-doc | A resource for .NET memory analysis and diagnostics | 1,841 |
 antique-team/memcad | Analyzes C code for its memory layout and dependencies | 25 |
 bashtage/arch | Provides tools and models for analyzing financial time series and detecting patterns in volatility. | 1,342 |
 microsoft/mm-react | An AI-powered system that leverages multimodal reasoning and action to analyze visual data and provide insights | 940 |
 moaistory/winsearchdbanalyzer | An analyzer tool designed to parse and extract data from Windows.edb files, a database used by Windows Search. | 121 |
 shanek2/invtero.net | Analyzes and validates physical memory from various systems to extract process information and hypervisor details | 281 |
 kevthehermit/volutility | A web-based tool for analyzing memory dumps using the Volatility framework. | 381 |
 mitre/advmlthreatmatrix | A framework to help security analysts understand and prepare for adversarial machine learning attacks on AI systems | 1,056 |
 usualsuspect/malscan | A tool to detect and analyze malicious code in process memory by executing Python scripts on YARA matches | 12 |