volatility
Memory extractor
A toolset for extracting digital artifacts from volatile memory samples.
An advanced memory forensics framework
7k stars
310 watching
1k forks
Language: Python
last commit: over 2 years ago
Linked from 8 awesome lists
malwarememorypythonramvolatility-framework
sbilly/awesome-security
rshipp/awesome-malware-analysis
apsdehal/awesome-ctf
meirwah/awesome-incident-response
tylerha97/awesome-reversing
cugu/awesome-forensics
shadawck/awesome-anti-forensic
digitalisx/awesome-memory-forensicsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| volatilityfoundation/volatility3 | Extracts digital artifacts from volatile memory samples | 2,762 |
 gleeda/memtriage | Analyze Windows machine RAM artifacts using Winpmem and Volatility | 218 |
 bashtage/arch | Provides tools and models for analyzing financial time series and detecting patterns in volatility. | 1,342 |
 kevthehermit/volutility | A web-based tool for analyzing memory dumps using the Volatility framework. | 381 |
 mkorman90/volatilitybot | Automates memory analysis of malware samples and memory dumps by extracting binaries, injections, strings, and analyzing code using heuristics and YARA/Clam AV scanners. | 264 |
| volatilityfoundation/profiles | These zip files provide custom configurations for analyzing Linux and Mac OS X systems using the Volatility framework. | 319 |
 carlospolop/autovolatility | A tool for running multiple volatility plugins simultaneously to analyze and extract data from memory dumps. | 110 |
 kd8bny/limeaide | Automates the process of remotely dumping RAM and creating volatility profiles on Linux clients. | 161 |
 n0fate/volafox | A memory analysis toolkit for macOS developed in Python | 166 |
 jameshabben/evolve | A web interface for analyzing memory dumps using the Volatility framework, providing an interactive and collaborative environment for forensic analysis. | 259 |
 forensicxlab/volatility3_plugins | A collection of plugins for analyzing digital forensic data from various sources | 22 |
 citronneur/volatility-wnf | Tools for analyzing Windows Notification Facilities and related data | 15 |
 shanek2/invtero.net | Analyzes and validates physical memory from various systems to extract process information and hypervisor details | 281 |
 monnappa22/hollowfind | A Volatility plugin to detect hollowing techniques used in process analysis | 131 |
 ldo-cert/orochi | A framework for collaborative memory dump analysis using Volatility and distributed processing | 226 |