muninn
Memory analysis helper
A tool to assist in memory forensics analysis on Windows systems by automating the process of extracting and exporting relevant data from memory images.
A short and small memory forensics helper.
52 stars
11 watching
9 forks
Language: Python
last commit: about 7 years ago
Linked from 1 awesome list
Tags: memory-forensics, python, volatility
Related projects:
Repository | Description | Stars |
---|---|---|
evild3ad/memprocfs-analyzer | Automated forensic analysis tool for Windows memory dumps | 540 |
n0fate/volafox | A memory analysis toolkit for macOS developed in Python | 165 |
usualsuspect/malscan | A tool to detect and analyze malicious code in process memory by executing Python scripts on YARA matches | 12 |
kevthehermit/volutility | A web-based tool for analyzing memory dumps using the Volatility framework. | 380 |
shanek2/invtero.net | Analyzes and validates physical memory from various systems to extract process information and hypervisor details | 279 |
mkorman90/volatilitybot | Automates memory analysis of malware samples and memory dumps by extracting binaries, injections, strings, and analyzing code using heuristics and YARA/Clam AV scanners. | 263 |
crowdstrike/supermem | A tool for processing Windows memory images to extract relevant information | 258 |
wmkhoo/taintgrind | A tool to track and analyze memory corruption in C programs | 249 |
chipmuenk/pyfda | A Python tool for analyzing and designing discrete time filters with a user-friendly GUI. | 653 |
natebrune/fmem | A Linux kernel module that provides access to physical memory for analysis and dumping. | 115 |
kero99/mftmactime | Analyzes and processes NTFS file system data to extract timeline information and run YARA rules for malware detection. | 12 |
thewhiteninja/ntfstool | A forensic tool for analyzing NTFS volumes and decrypting encrypted files | 478 |
forrest-orr/moneta | A tool for analyzing memory on Windows systems to detect malware IOCs | 685 |
gleeda/memtriage | Analyze Windows machine RAM artifacts using Winpmem and Volatility | 218 |
reclassnet/reclass.net | A .NET-based port of ReClass with additional features and support for various data types and memory analysis tools. | 1,829 |