volafox
Memory analyzer
A memory analysis toolkit for macOS developed in Python
Mac OS X Memory Analysis Toolkit
166 stars
16 watching
38 forks
Language: Python
last commit: over 9 years ago
Linked from 2 awesome lists
shadawck/awesome-anti-forensic
digitalisx/awesome-memory-forensicsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 kevthehermit/volutility | A web-based tool for analyzing memory dumps using the Volatility framework. | 381 |
 xplico/xplico | Analyzes network traffic data from captured packets to extract and decode specific protocols and information. | 183 |
 ytisf/muninn | A tool to assist in memory forensics analysis on Windows systems by automating the process of extracting and exporting relevant data from memory images. | 52 |
 ydkhatri/macforensics | A collection of scripts to analyze and process macOS forensic artifacts. | 182 |
 natebrune/fmem | A Linux kernel module designed to help analyze volatile memory without the limitations of traditional memory dumping tools. | 115 |
 williballenthin/python-ntfs | A Python library for analyzing and working with NTFS file systems. | 81 |
 usualsuspect/malscan | A tool to detect and analyze malicious code in process memory by executing Python scripts on YARA matches | 12 |
 shanek2/invtero.net | Analyzes and validates physical memory from various systems to extract process information and hypervisor details | 281 |
 kero99/mftmactime | Analyzes and processes NTFS file system data to extract timeline information and run YARA rules for malware detection. | 12 |
| ydkhatri/mac_apt | A digital forensics tool for analyzing macOS and iOS systems | 790 |
 fpco/weigh | Measures memory usage of Haskell values and functions. | 93 |
 deltaf1/pyuxntaldisasm | A tool for disassembling and analyzing 8-bit machine code ROMs. | 2 |
 antique-team/memcad | Analyzes C code for its memory layout and dependencies | 25 |
 mbevilacqua/appcompatprocessor | An application compatibility data analysis tool designed to extract value beyond traditional techniques | 197 |
 volatilityfoundation/profiles | These zip files provide custom configurations for analyzing Linux and Mac OS X systems using the Volatility framework. | 319 |