Data Visualization Plugin for IDA Pro
Updated Dec 6, 2022 - Python
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
Allows you to quickly query a Windows machine for RAM artifacts
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
A short and small memory forensics helper.
Tool to extract the kallsyms (System.map) from a memory dump
A suite of Volatility 3 plugins for memory forensics of Docker containers
Volatility 3 plugins to extract a module as complete as possible
Linux BPF plugins for Volatility3
Tool to find memory artifacts present in instant messaging applications.
Introducing the Temporal Dimension to Memory Forensics - ACM Transactions on Privacy and Security 2019
Data structure detection with neural networks.
Volatility plugin to obtain the number of the resident memory pages per module (exe or dll) and per driver from a Windows memory dump.
Volatility plugin to yield and compare similarity digest of modules on execution.
Volatility profile for uclinux
Volatility plugins to recover ML model attributes from memory images
Janus: malware analysis by memory comparison
Enhancing RAM Investigation with LLM and RAG