DuckMemoryScan

Memory scanner

A tool to detect memory-based evasion techniques used in malware and rootkits

Detects the vast majority of so-called in-memory AV-evasion trojans

GitHub

702 stars
17 watching
133 forks
Language: C++
last commit: about 2 years ago

Related projects:

| Repository | Description | Stars |
| --- | --- | --- |
| huoji120/cobaltstrikedetected | Detects potential Cobalt Strike malware by analyzing memory allocation patterns during code execution | 271 |
| rek7/mxtract | Analyzes and dumps memory to extract sensitive information from running processes | 582 |
| usualsuspect/malscan | A tool to detect and analyze malicious code in process memory by executing Python scripts on YARA matches | 12 |
| trainr3kt/memreader_bof | A tool that searches and extracts specific strings from another process's memory | 41 |
| mirage/conan | Re-implementation of a file recognition engine with support for multiple MIME types and decision trees. | 48 |
| zer0mem0ry/kernelreadwritememory | A proof-of-concept project demonstrating kernel-level memory manipulation on Windows NT | 275 |
| marcosd4h/memhunter | Automated endpoint sensor tool to detect memory-resident malware without requiring memory dumps | 375 |
| codecat/clawsearch | A plugin that scans memory in 64-bit debuggers to locate specific values, inspired by Cheat Engine. | 275 |
| jpcertcc/malconfscan | Tools to extract configuration data from known malware samples in memory images. | 485 |
| ramortegui/clamxir | A wrapper around ClamAV's scanning functionality for Elixir applications. | 13 |
| crowdstrike/supermem | A tool for processing Windows memory images to extract relevant information | 258 |
| maoni0/mem-doc | A resource for .NET memory analysis and diagnostics | 1,828 |
| mitrecnd/malchive | A collection of reusable scripts and tools for analyzing malicious software | 75 |
| zu1k/beacon_hook_bypass_memscan | Bypassing memory scanning to evade detection by the Karbenz CASB (Content Awareness Security Platform) security solution | 24 |
| nccgroup/windowsmempagedelta | Software designed to monitor Windows executable memory page changes to detect anomalies in system behavior | 28 |