DuckMemoryScan
Memory scanner
A tool to detect memory-based evasion techniques used in malware and rootkits
检测绝大部分所谓的内存免杀马
711 stars
17 watching
137 forks
Language: C++
last commit: over 2 years ago Related projects:
Repository | Description | Stars |
---|---|---|
huoji120/cobaltstrikedetected | Detects potential Cobalt Strike malware by analyzing memory allocation patterns during code execution | 272 |
rek7/mxtract | Analyzes and dumps memory to extract sensitive information from running processes | 582 |
usualsuspect/malscan | A tool to detect and analyze malicious code in process memory by executing Python scripts on YARA matches | 12 |
trainr3kt/memreader_bof | A tool that searches and extracts specific strings from another process's memory | 41 |
mirage/conan | Re-implementation of a file recognition engine with support for multiple MIME types and decision trees. | 48 |
zer0mem0ry/kernelreadwritememory | A proof-of-concept project demonstrating kernel-level memory manipulation on Windows NT | 274 |
marcosd4h/memhunter | Automated endpoint sensor tool to detect memory-resident malware without requiring memory dumps | 378 |
codecat/clawsearch | A plugin that scans memory in 64-bit debuggers to locate specific values, inspired by Cheat Engine. | 275 |
jpcertcc/malconfscan | Tools to extract configuration data from known malware samples in memory images. | 483 |
ramortegui/clamxir | A wrapper around ClamAV's scanning functionality for Elixir applications. | 13 |
crowdstrike/supermem | A tool for processing Windows memory images to extract relevant information | 260 |
maoni0/mem-doc | A resource for .NET memory analysis and diagnostics | 1,841 |
mitrecnd/malchive | A collection of reusable scripts and tools for analyzing malicious software | 75 |
zu1k/beacon_hook_bypass_memscan | Bypassing memory scanning to evade detection by the Karbenz CASB (Content Awareness Security Platform) security solution | 24 |
nccgroup/windowsmempagedelta | Software designed to monitor Windows executable memory page changes to detect anomalies in system behavior | 28 |