Projects in Awesome Lists tagged with memory-forensics
A curated list of projects in awesome lists tagged with memory-forensics.
https://github.com/hasherezade/pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
anti-malware hooking libpeconv malware-analysis memory-forensics pe-analyzer pe-dumper pe-format pe-sieve process-analyzer scans
Last synced: 13 May 2025
https://github.com/hasherezade/hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
anti-malware malware-analysis malware-detection memory-forensics pe-sieve
Last synced: 14 May 2025
https://github.com/stuxnet999/MemLabs
Educational, CTF-styled labs for individuals interested in Memory Forensics
ctf ctf-challenges cybersecurity dfir digital-forensics forensics memory-forensics security windows
Last synced: 13 Apr 2025
https://github.com/microsoft/avml
AVML - Acquire Volatile Memory for Linux
linux-security memory-forensics rust
Last synced: 14 May 2025
https://github.com/hasherezade/mal_unpack
Dynamic unpacker based on PE-sieve
libpeconv malware-analysis malware-unpacker memory-forensics pe-sieve
Last synced: 15 May 2025
https://github.com/swwwolf/wdbgark
WinDBG Anti-RootKit Extension
anomaly-detection anti-rootkit c-plus-plus crash-dump debugging-tool driver forensic-analysis kernel-mode malware malware-analysis malware-research memory-forensics sww swwwolf user-mode visual-studio wdbgark windbg windbg-extension windows
Last synced: 15 Mar 2025
https://github.com/LETHAL-FORENSICS/MemProcFS-Analyzer
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
dfir digital-forensics incident-response live-response memory-forensics memprocfs powershell
Last synced: 03 Mar 2025
https://github.com/teamdfir/sift
SIFT
aws cast cast-distro cli forensics issues-only memory-forensics salt-state saltstack sans sift timeline-analysis
Last synced: 05 Apr 2025
https://github.com/patois/IDACyber
Data Visualization Plugin for IDA Pro
color-filter cyber data-visualization exploitation firmware-analysis ida ida-pro idapython-plugin memory-forensics memory-hacking pixel-art reverse-engineering
Last synced: 15 Mar 2025
https://github.com/cado-security/varc
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
aws aws-fargate aws-forensics aws-lambda cloud-security dfir dfir-automation docker-forensics eks-forensics fargate-forensics forensics hacktoberfest memory-forensics security
Last synced: 08 May 2025
https://github.com/gleeda/memtriage
Allows you to quickly query a Windows machine for RAM artifacts
live-analysis malware memory memory-analysis memory-forensics ram volatility windows-machine winpmem
Last synced: 17 Mar 2025
https://github.com/msuiche/LiveCloudKd
Hyper-V Research is trendy now
memory-forensics virtual-machines
Last synced: 13 May 2025
https://github.com/asiamina/A-Course-on-Digital-Forensics
A course on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University
courses digital-forensics disk-forensics memory-forensics mobile-forensics network-forensics reverse-engineering
Last synced: 13 Mar 2025
https://github.com/cado-security/rip_raw
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
dfir dfir-automation forensic-analysis forensics memory-forensics security
Last synced: 12 Jul 2025
https://github.com/ytisf/muninn
A short and small memory forensics helper.
memory-forensics python volatility
Last synced: 07 May 2025
https://github.com/Hestat/calamity
A script to assist in processing forensic RAM captures for malware triage
dfir malware-analysis memory-forensics volatility
Last synced: 13 Apr 2025
https://github.com/gdatasoftwareag/smartvmi
Virtual Machine Introspection (VMI) for memory forensics and machine-learning.
malware-analysis malware-research memory-forensics virtual-machine-introspection vmi
Last synced: 03 Oct 2025
https://github.com/iAbadia/Volatility-Plugin-Tutorial
Development guide for Volatility Plugins
guide memory-forensics plugin python tutorial volatility
Last synced: 13 Apr 2025
https://github.com/TazWake/volatility-plugins
Learning volatility plugins.
memory-forensics python volatility-plugins
Last synced: 13 Apr 2025
https://github.com/amir9339/volatility-docker
A suite of Volatility 3 plugins for memory forensics of Docker containers
containers dfir docker memory-forensics volatility-plugins volatility3
Last synced: 30 Mar 2025
https://github.com/h4sh5/dumpit-mirror
memory dump tool mirror for version 3.0.20171228.1
dumpit memory-dump memory-dumper memory-forensics minidump
Last synced: 23 Mar 2025
https://github.com/vobst/bpfvol3
Linux BPF plugins for Volatility3
bpf ebpf forensics forensics-tools memory-forensics plugin volatility volatility3
Last synced: 09 Oct 2025
https://github.com/fkie-cad/bpf-rootkit-workshop
Workshop: Forensic Analysis of eBPF based Linux Rootkits
bpf bpf-malware ebpf ebpf-malware forensics linux live-forensics malware memory-forensics rootkit
Last synced: 05 Oct 2025
https://github.com/mylamour/-_--forensics-tools
Not Only Forensics Toolkit
forensics memory-forensics password-extraction standalone tools
Last synced: 13 Apr 2025
https://github.com/divinemonk/memory_forensics_with_volatility
Memory Forensics with Volatility
forensics memory memory-forensics volatility
Last synced: 30 Mar 2025
https://github.com/lrmulkayhee/malware-education-repo
This repository provides educational resources and practical examples for understanding and analyzing malware. It includes tutorials, quizzes, presentations, exercises, sample code, and articles that cover various aspects of malware analysis, incident response, and cybersecurity.
behavioral-analysis cybersecurity dynamic-analysis ghidra ida-pro incident-response malware malware-analysis malware-samples memory-forensics network-traffic-analysis reverse-engineering static-analysis wireshark yara
Last synced: 22 Jun 2025
https://github.com/serialphotog/linux-memory-dumper
A POC tool for dumping the memory on a running Linux system.
forensics linux memory-forensics proof-of-concept
Last synced: 05 Oct 2025
https://github.com/compcode1/lsass-memory-scraping
The case illustrates the power of structured host-based triage — beginning with logs and EDR, and moving through file inspection, RAM capture, and finally, network artifact confirmation.
credential-dumping cybersecurity cybersecurity-case-study digital-forensics edr-analysis host-triage lsass memory-forensics mimikatz powershell-analysis windows-forensics
Last synced: 16 Sep 2025
https://github.com/serialphotog/linux-memory-analysis-tools
Various POC tools for dumping and scanning the memory on a Linux system.
forensics linux memory-forensics proof-of-concept
Last synced: 06 Apr 2025
https://github.com/ditekshen/back-in-2017
The Kill Chain Evolution of a Middle Eastern Threat Actor Intelligence from Seventeen Months of Deception and Analysis of Politically Targeted Malware Attacks
android attack clamav deception houdini kill-chain malware memory-forensics meterpreter middle-east mitre-attack political python scoute-elite sigma threat-actors threat-intelligence yara
Last synced: 27 Feb 2025