https://github.com/serialphotog/linux-memory-analysis-tools

Various POC tools for dumping and scanning the memory on a Linux system.

forensics linux memory-forensics proof-of-concept

# Linux Memory Analysis Tools

This repository contains some proof-of-concept tools for memory analysis on Linux. They work by locating the physical RAM address ranges listed in `/proc/iomem` and associating them with regions in `/proc/kcore`. There are currently two tools provided here:

1. `dumpmemory` - Dumps the physical RAM of the system to a file on disk:

```
dumpmemory
```
2. `scanmemory` - Scans the system memory for a specified string pattern. Technically there aren't many circumstances where you'd want this, but it serves as a POC of how something like this could work:

```
scanmemory
```
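
The range mapping described above, as an added example that is not code from this repository: it parses top-level `System RAM` lines from `/proc/iomem` text and resolves each range to a file offset inside `/proc/kcore`. It assumes ranges are matched against each PT_LOAD segment's `p_paddr`, which may differ from what these tools do; the sample text, the segment table and the names `kcore_offset` and `map_ram` are constructed for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* PT_LOAD fields as they would be read from /proc/kcore program headers. */
struct seg { uint64_t paddr, memsz, offset; };
struct hit { uint64_t start, end; int64_t file_off; };

/* Constructed /proc/iomem text; child entries are indented. */
static const char SAMPLE_IOMEM[] =
    "00000000-00000fff : Reserved\n"
    "00001000-0009fbff : System RAM\n"
    "00100000-bffdffff : System RAM\n"
    "  01000000-01e00fff : Kernel code\n"
    "100000000-13fffffff : System RAM\n";
/* Constructed segment table; the third RAM range is deliberately uncovered. */
static const struct seg SAMPLE_SEGS[] = {
    { 0x1000,   0x9f000,    0x3000 },
    { 0x100000, 0xbfee0000, 0xa2000 },
};

/* Assumption: match on p_paddr. Returns the kcore file offset of
 * [start,end], or -1 when no single segment contains the whole range. */
int64_t kcore_offset(const struct seg *s, size_t n, uint64_t start, uint64_t end) {
    for (size_t i = 0; i < n; i++)
        if (start >= s[i].paddr && end - s[i].paddr < s[i].memsz)
            return (int64_t)(s[i].offset + (start - s[i].paddr));
    return -1;
}

/* Collect top-level "System RAM" ranges and resolve each one. */
size_t map_ram(const char *iomem, const struct seg *s, size_t n,
               struct hit *out, size_t max) {
    size_t found = 0;
    for (const char *p = iomem; *p && found < max; ) {
        uint64_t a, b; char name[64];
        if (*p != ' ' && sscanf(p, "%" SCNx64 "-%" SCNx64 " : %63[^\n]", &a, &b, name) == 3
            && strcmp(name, "System RAM") == 0 && b > a) /* 0-0: unprivileged read */
            out[found++] = (struct hit){ a, b, kcore_offset(s, n, a, b) };
        p += strcspn(p, "\n");  /* advance to the end of this line */
        if (*p) p++;
    }
    return found;
}

int main(void) {
    struct hit h[8];
    size_t n = map_ram(SAMPLE_IOMEM, SAMPLE_SEGS, 2, h, 8);
    for (size_t i = 0; i < n; i++)
        printf("%" PRIx64 "-%" PRIx64 " -> %lld\n", h[i].start, h[i].end, (long long)h[i].file_off);
}
```

A range that resolves to `-1` has no backing segment in the table and should be reported as a gap rather than silently skipped, so the resulting dump is known to be incomplete.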

## Disclaimer

Note that these tools are nothing more than experimental proofs-of-concept. They have not been extensively tested and I make no guarantee about their accuracy or completeness.

## Building

```bash
make
```