muninn
Memory analysis helper
A tool to assist in memory forensics analysis on Windows systems by automating the process of extracting and exporting relevant data from memory images.
A short and small memory forensics helper.
52 stars
11 watching
9 forks
Language: Python
last commit: over 7 years ago
Linked from 1 awesome list
memory-forensics, python, volatility
Related projects:
Repository | Description | Stars |
---|---|---|
evild3ad/memprocfs-analyzer | Automated tool for forensic analysis of Windows memory dumps | 555 |
n0fate/volafox | A memory analysis toolkit for macOS developed in Python | 166 |
usualsuspect/malscan | A tool to detect and analyze malicious code in process memory by executing Python scripts on YARA matches | 12 |
kevthehermit/volutility | A web-based tool for analyzing memory dumps using the Volatility framework. | 381 |
shanek2/invtero.net | Analyzes and validates physical memory from various systems to extract process information and hypervisor details | 281 |
mkorman90/volatilitybot | Automates memory analysis of malware samples and memory dumps by extracting binaries, injections, strings, and analyzing code using heuristics and YARA/Clam AV scanners. | 264 |
crowdstrike/supermem | A tool for processing Windows memory images to extract relevant information | 260 |
wmkhoo/taintgrind | A tool to track and analyze memory corruption in C programs | 253 |
chipmuenk/pyfda | A tool for designing and analyzing digital filters with a graphical user interface. | 658 |
natebrune/fmem | A Linux kernel module designed to help analyze volatile memory without the limitations of traditional memory dumping tools. | 115 |
kero99/mftmactime | Analyzes and processes NTFS file system data to extract timeline information and run YARA rules for malware detection. | 12 |
thewhiteninja/ntfstool | A forensic tool for analyzing NTFS volumes and decrypting encrypted files | 485 |
forrest-orr/moneta | A tool for analyzing memory on Windows systems to detect malware IOCs | 707 |
gleeda/memtriage | Analyze Windows machine RAM artifacts using Winpmem and Volatility | 218 |
reclassnet/reclass.net | A .NET-based port of ReClass with additional features and support for various data types and memory analysis tools. | 1,850 |