15 results found Sort:

hasherezade
pe-sieve hasherezade
449
3.3k
bsd-2-clause
103
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
scans hooking pe-sieve libpeconv pe-dumper pe-format pe-analyzer anti-malware malware-analysis memory-forensics process-analyzer
Created 2017-08-22
1,956 commits to master branch, last one 3 days ago
hasherezade
hollows_hunter hasherezade
270
2.1k
bsd-2-clause
65
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
pe-sieve anti-malware malware-analysis memory-forensics malware-detection
Created 2018-01-11
794 commits to master branch, last one 23 days ago
stuxnet999
MemLabs stuxnet999
212
1.7k
mit
47
Educational, CTF-styled labs for individuals interested in Memory Forensics
ctf dfir windows security forensics cybersecurity ctf-challenges memory-forensics digital-forensics
Created 2019-08-22
28 commits to master branch, last one 4 years ago
microsoft
avml microsoft
79
938
mit
30
AVML - Acquire Volatile Memory for Linux
rust linux-security memory-forensics
Created 2019-06-06
517 commits to main branch, last one 14 days ago
hasherezade
mal_unpack hasherezade
71
725
bsd-2-clause
28
Dynamic unpacker based on PE-sieve
pe-sieve libpeconv malware-analysis malware-unpacker memory-forensics
Created 2018-07-08
381 commits to master branch, last one about a month ago
LETHAL-FORENSICS
MemProcFS-Analyzer LETHAL-FORENSICS
66
619
gpl-3.0
26
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
dfir memprocfs powershell live-response memory-forensics digital-forensics incident-response
Created 2021-05-15
145 commits to main branch, last one about a month ago
teamdfir
sift teamdfir
65
503
mit
72
SIFT
aws cli cast sans sift forensics saltstack salt-state cast-distro issues-only memory-forensics timeline-analysis
Created 2014-01-18
31 commits to master branch, last one about a year ago
patois
IDACyber patois
32
291
mit
22
Data Visualization Plugin for IDA Pro
ida cyber ida-pro pixel-art color-filter exploitation memory-hacking idapython-plugin memory-forensics firmware-analysis data-visualization reverse-engineering
Created 2017-01-12
132 commits to master branch, last one 2 years ago
cado-security
varc cado-security
13
253
gpl-3.0
7
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
aws dfir security forensics aws-lambda aws-fargate aws-forensics eks-forensics hacktoberfest cloud-security dfir-automation docker-forensics memory-forensics fargate-forensics
This repository has been archived (exclude archived)
Created 2022-09-16
74 commits to main branch, last one 7 months ago
LETHAL-FORENSICS
Collect-MemoryDump LETHAL-FORENSICS
29
237
gpl-3.0
6
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
dfir powershell live-response memory-forensics digital-forensics incident-response memory-acquisition
Created 2022-07-14
44 commits to main branch, last one 23 days ago
asiamina
A-Course-on-Digital-Forensics asiamina
46
182
unknown
17
A course on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University
courses disk-forensics memory-forensics mobile-forensics digital-forensics network-forensics reverse-engineering
Created 2018-05-08
501 commits to master branch, last one about a year ago
msuiche
LiveCloudKd msuiche
47
178
gpl-3.0
10
Hyper-V Research is trendy now
memory-forensics virtual-machines
Created 2018-06-17
136 commits to master branch, last one 11 months ago
cado-security
rip_raw cado-security
16
130
apache-2.0
8
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
dfir security forensics dfir-automation memory-forensics forensic-analysis
This repository has been archived (exclude archived)
Created 2022-01-27
6 commits to main branch, last one 3 years ago
kh4sh3i
Malware-Analysis kh4sh3i
11
76
cc0-1.0
4
A curated list of awesome malware analysis tools and resources
mobsf windbg x64dbg ida-pro malware forensic volatility malware-analysis memory-forensics malware-detection reverse-engineering
Created 2022-01-07
13 commits to main branch, last one 3 years ago
Apr4h
GetInjectedThreads Apr4h
12
53
unknown
1
C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
blueteam memory-forensics incident-response process-injection
Created 2020-06-18
24 commits to master branch, last one 3 years ago