Volatility profile for uclinux
Updated Jun 19, 2020 - Python
Volatility plugin to obtain the number of resident memory pages per module (exe or dll) and per driver from a Windows memory dump.
Volatility plugin to yield and compare similarity digest of modules on execution.
Volatility 3 plugins to extract a module as completely as possible
Volatility 2.6 plugin to undo modifications made by the relocation process on modules
A library to read and write LiME files/blobs in Python
Janus: malware analysis by memory comparison
ProcInjectionsFind is a Volatility plugin that runs against malware-infected memory images or the memory of live VMs and examines each memory region of all running processes to conclude whether it is the result of process injection.
Introducing the Temporal Dimension to Memory Forensics - ACM Transactions on Privacy and Security 2019
Dump Module Mixer (dumd-mixer) is a Python script to generate a module from the same module extracted from a collection of memory dumps.
PyMem - Memory Acquisition Tool
Linux BPF plugins for Volatility3
Tool to find memory artifacts present in instant messaging applications.
Data structure detection with neural networks.
Volatility plugins to recover ML model attributes from memory images
Tool to extract the kallsyms (System.map) from a memory dump
A suite of Volatility 3 plugins for memory forensics of Docker containers