{"id":25268250,"url":"https://github.com/serialphotog/linux-memory-analysis-tools","last_synced_at":"2025-04-06T04:19:14.921Z","repository":{"id":277070387,"uuid":"931236615","full_name":"serialphotog/Linux-Memory-Analysis-Tools","owner":"serialphotog","description":"Various POC tools for dumping and scanning the memory on a Linux system.","archived":false,"fork":false,"pushed_at":"2025-02-12T00:10:44.000Z","size":23,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-12T01:23:55.796Z","etag":null,"topics":["forensics","linux","memory-forensics","proof-of-concept"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/serialphotog.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-12T00:00:28.000Z","updated_at":"2025-02-12T00:12:42.000Z","dependencies_parsed_at":"2025-02-12T01:23:58.473Z","dependency_job_id":"3ec75c0e-7736-47aa-8d78-a4a77af0fbe5","html_url":"https://github.com/serialphotog/Linux-Memory-Analysis-Tools","commit_stats":null,"previous_names":["serialphotog/linux-memory-analysis-tools"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/serialphotog%2FLinux-Memory-Analysis-Tools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/serialphotog%2FLinux-Memory-Analysis-Tools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/serialphotog%2FLinux-Memory-Analy
sis-Tools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/serialphotog%2FLinux-Memory-Analysis-Tools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/serialphotog","download_url":"https://codeload.github.com/serialphotog/Linux-Memory-Analysis-Tools/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247431236,"owners_count":20937917,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["forensics","linux","memory-forensics","proof-of-concept"],"created_at":"2025-02-12T10:24:25.461Z","updated_at":"2025-04-06T04:19:14.901Z","avatar_url":"https://github.com/serialphotog.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Linux Memory Analysis Tools\n\nThis repository contains some proof-of-concept tools for working with memory analysis on Linux. These work by locating the physical RAM address ranges by processing `/proc/iomem` and associating with regions in `/proc/kcore`. There are currently two tools provided here:\n\n1. `dumpmemory` - Dumps the physical RAM of the system to a file on disk:\n\n    ```\n    dumpmemory \u003coutput_file\u003e\n    ```\n2. `scanmemory` - Scans the system memory for a specified string pattern. 
Technically there aren't many circumstances where you'd want this, but it serves as a POC of how something like this could work:\n\n    ```\n    scanmemory \u003cpattern\u003e \u003cbytes_of_context\u003e\n    ```\n\n## Disclaimer\n\nNote that these tools are nothing more than experimental proofs-of-concept. They have not been extensively tested and I make no guarantee about their accuracy or completeness.\n\n## Building\n\n```bash\nmake\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fserialphotog%2Flinux-memory-analysis-tools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fserialphotog%2Flinux-memory-analysis-tools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fserialphotog%2Flinux-memory-analysis-tools/lists"}