504ensicsLabs / LiME
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures f…
☆1,777 Updated 4 months ago
Alternatives and similar repositories for LiME:
Users who are interested in LiME are comparing it to the repositories listed below:
- Rekall Memory Forensic Framework ☆1,940 Updated 4 years ago
- An advanced memory forensics framework ☆7,528 Updated last year
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. ☆3,412 Updated this week
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool ☆1,854 Updated last month
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU ☆1,662 Updated last year
- Super timeline all the things ☆1,784 Updated last month
- Noriben - Portable, Simple, Malware Analysis Sandbox ☆1,139 Updated last year
- yarGen is a generator for YARA rules ☆1,602 Updated 8 months ago
- ☆3,515 Updated 11 months ago
- AVML - Acquire Volatile Memory for Linux ☆908 Updated this week
- Repository of yara rules ☆4,287 Updated 10 months ago
- Binary analysis and management framework ☆1,544 Updated last year
- The Python interface for YARA ☆677 Updated 2 months ago
- Script for searching the extracted firmware file system for goodies! ☆1,098 Updated last year
- Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, A… ☆1,910 Updated 3 months ago
- The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file s… ☆2,719 Updated this week
- Loki - Simple IOC and YARA Scanner ☆3,467 Updated 2 months ago
- Platform for Architecture-Neutral Dynamic Analysis ☆2,548 Updated this week
- Volatility 3.0 development ☆2,907 Updated this week
- Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors ☆3,341 Updated last year
- Please no pull requests for this repository. Thanks! ☆2,130 Updated last week
- Builds malware analysis Windows VMs so that you don't have to. ☆1,041 Updated 3 years ago
- A static analyzer for PE executables. ☆1,043 Updated last year
- pefile is a Python module to read and work with PE (Portable Executable) files ☆1,910 Updated 5 months ago
- YARA signature and IOC database for my scanners and tools ☆2,554 Updated last week
- Platform for emulation and dynamic analysis of Linux-based firmware ☆1,874 Updated 7 months ago
- ☆956 Updated 2 weeks ago
- The pattern matching swiss knife ☆8,542 Updated last week
- Malcom - Malware Communications Analyzer ☆1,159 Updated 7 years ago
- A curated list of awesome YARA rules, tools, and people. ☆3,684 Updated last week